Report - notarizen.com/

Report Overview

Visited public
2024-12-07 15:17:33
Tags
URL
notarizen.com/
Finishing URL
notarizen.com/
IP / ASN
91.108.103.92
#47583 Hostinger International Limited
Title
notarizen.com/

Detections

urlquery

Network Intrusion Detection

Threat Detection Systems

144

Domain Summary

Domain / FQDN	Rank	Registered	First Seen	Last Seen	Sent	Received	IP
notarizen.com	unknown	2023-04-06	2021-02-01	2024-10-27	43 kB	1.1 MB	89.116.109.90

Related reports

Network Intrusion Detection Systems

Suricata /w Emerging Threats Pro

No alerts detected

Threat Detection Systems

Public InfoSec YARA rules

No alerts detected

OpenPhish

No alerts detected

PhishTank

No alerts detected

Quad9 DNS

Scan Date	Severity	Indicator	Alert
2024-12-07	medium	notarizen.com	Sinkholed
2024-12-07	medium	notarizen.com	Sinkholed
2024-12-07	medium	notarizen.com	Sinkholed
2024-12-07	medium	notarizen.com	Sinkholed
2024-12-07	medium	notarizen.com	Sinkholed
2024-12-07	medium	notarizen.com	Sinkholed
2024-12-07	medium	notarizen.com	Sinkholed
2024-12-07	medium	notarizen.com	Sinkholed
2024-12-07	medium	notarizen.com	Sinkholed
2024-12-07	medium	notarizen.com	Sinkholed
2024-12-07	medium	notarizen.com	Sinkholed
2024-12-07	medium	notarizen.com	Sinkholed
2024-12-07	medium	notarizen.com	Sinkholed
2024-12-07	medium	notarizen.com	Sinkholed
2024-12-07	medium	notarizen.com	Sinkholed
2024-12-07	medium	notarizen.com	Sinkholed
2024-12-07	medium	notarizen.com	Sinkholed
2024-12-07	medium	notarizen.com	Sinkholed
2024-12-07	medium	notarizen.com	Sinkholed
2024-12-07	medium	notarizen.com	Sinkholed
2024-12-07	medium	notarizen.com	Sinkholed
2024-12-07	medium	notarizen.com	Sinkholed
2024-12-07	medium	notarizen.com	Sinkholed
2024-12-07	medium	notarizen.com	Sinkholed
2024-12-07	medium	notarizen.com	Sinkholed
2024-12-07	medium	notarizen.com	Sinkholed
2024-12-07	medium	notarizen.com	Sinkholed
2024-12-07	medium	notarizen.com	Sinkholed
2024-12-07	medium	notarizen.com	Sinkholed
2024-12-07	medium	notarizen.com	Sinkholed
2024-12-07	medium	notarizen.com	Sinkholed
2024-12-07	medium	notarizen.com	Sinkholed
2024-12-07	medium	notarizen.com	Sinkholed
2024-12-07	medium	notarizen.com	Sinkholed
2024-12-07	medium	notarizen.com	Sinkholed
2024-12-07	medium	notarizen.com	Sinkholed
2024-12-07	medium	notarizen.com	Sinkholed
2024-12-07	medium	notarizen.com	Sinkholed
2024-12-07	medium	notarizen.com	Sinkholed
2024-12-07	medium	notarizen.com	Sinkholed
2024-12-07	medium	notarizen.com	Sinkholed
2024-12-07	medium	notarizen.com	Sinkholed
2024-12-07	medium	notarizen.com	Sinkholed
2024-12-07	medium	notarizen.com	Sinkholed
2024-12-07	medium	notarizen.com	Sinkholed
2024-12-07	medium	notarizen.com	Sinkholed
2024-12-07	medium	notarizen.com	Sinkholed
2024-12-07	medium	notarizen.com	Sinkholed
2024-12-07	medium	notarizen.com	Sinkholed
2024-12-07	medium	notarizen.com	Sinkholed
2024-12-07	medium	notarizen.com	Sinkholed
2024-12-07	medium	notarizen.com	Sinkholed
2024-12-07	medium	notarizen.com	Sinkholed
2024-12-07	medium	notarizen.com	Sinkholed
2024-12-07	medium	notarizen.com	Sinkholed
2024-12-07	medium	notarizen.com	Sinkholed
2024-12-07	medium	notarizen.com	Sinkholed
2024-12-07	medium	notarizen.com	Sinkholed
2024-12-07	medium	notarizen.com	Sinkholed
2024-12-07	medium	notarizen.com	Sinkholed
2024-12-07	medium	notarizen.com	Sinkholed
2024-12-07	medium	notarizen.com	Sinkholed
2024-12-07	medium	notarizen.com	Sinkholed
2024-12-07	medium	notarizen.com	Sinkholed
2024-12-07	medium	notarizen.com	Sinkholed
2024-12-07	medium	notarizen.com	Sinkholed
2024-12-07	medium	notarizen.com	Sinkholed
2024-12-07	medium	notarizen.com	Sinkholed
2024-12-07	medium	notarizen.com	Sinkholed
2024-12-07	medium	notarizen.com	Sinkholed
2024-12-07	medium	notarizen.com	Sinkholed
2024-12-07	medium	notarizen.com	Sinkholed

ThreatFox

No alerts detected

JavaScript (20)

	URL	From	Size	First Seen	Last Seen
	notarizen.com/wp-content/plugins/booking/assets/libs/tippy.js/dist/tippy-bundle.umd.js?ver=10.8	ScriptElement	80 kB	2023-04-09	2025-06-24
Pretty URL notarizen.com/wp-content/plugins/booking/assets/libs/tippy.js/dist/tippy-bundle.umd.js?ver=10.8 IP 89.116.109.90 ASN #0 Introduced by scriptElement Embedded in HTML false Observations First Seen2023-04-09 18:12 Last Seen2025-06-24 17:04 Times Seen99 Hash 86c991129664064199dd7395ba532b33 50bf5617716fa08c40686c81230111d43c2144ab e6c3cc515c8fbd47ddba8c5b3a98bfd505265919a674a110c31fd3b878744687 Loading...

	notarizen.com/	ScriptElement	3.2 kB	2024-12-07	2024-12-07
Pretty URL notarizen.com/ IP 89.116.109.90 ASN #0 Introduced by scriptElement Embedded in HTML true Observations First Seen2024-12-07 15:17 Last Seen2024-12-07 15:17 Times Seen1 Hash 5c95cf7e448a29fb3126811dbfef6bf6 27a92e86358c1ebf7325c66813846da77c631f98 ec54586bc5f8cc0b2faf843ef79a7003bc852acddaa393233fd5fe9f8c1eb9d6 Loading...

	notarizen.com/wp-content/plugins/booking/_dist/all/_out/wpbc_all.js?ver=10.8	ScriptElement	449 kB	2024-12-01	2025-05-22
Pretty URL notarizen.com/wp-content/plugins/booking/_dist/all/_out/wpbc_all.js?ver=10.8 IP 89.116.109.90 ASN #0 Introduced by scriptElement Embedded in HTML false Observations First Seen2024-12-01 06:51 Last Seen2025-05-22 20:01 Times Seen6 Hash eee4dd084eeb02263954491ee2f46900 6d402e15cdcfcc03b0c3c02a6edff7b9d153d7e2 a9a493d521ec6197df8312d170df043bb14a078a08cdb24c8abf518ebeddb942 Loading...

	notarizen.com/	ScriptElement	73 B	2024-12-07	2024-12-07
Pretty URL notarizen.com/ IP 89.116.109.90 ASN #0 Introduced by scriptElement Embedded in HTML true Observations First Seen2024-12-07 15:17 Last Seen2024-12-07 15:17 Times Seen1 Hash d3a1a14c072897b8f8da3277fb857801 87c6821a7d06aeeb26304a35f072e6305dafe0a0 55a9e3b7214c6678d060685bee04c5ef34a844f00823b0a565a98ed135b07781 Loading...

	notarizen.com/wp-includes/js/jquery/jquery-migrate.min.js?ver=3.4.1	ScriptElement	14 kB	2023-05-09	2025-06-25
Pretty URL notarizen.com/wp-includes/js/jquery/jquery-migrate.min.js?ver=3.4.1 IP 89.116.109.90 ASN #0 Introduced by scriptElement Embedded in HTML false Observations First Seen2023-05-09 19:21 Last Seen2025-06-25 05:37 Times Seen121879 Hash 9ffeb32e2d9efbf8f70caabded242267 3ad0c10e501ac2a9bfa18f9cd7e700219b378738 5274f11e6fb32ae0cf2dfb9f8043272865c397a7c4223b4cfa7d50ea52fbde89 Loading...

	notarizen.com/wp-content/plugins/booking/js/client.js?ver=10.8	ScriptElement	35 kB	2024-12-01	2025-05-22
Pretty URL notarizen.com/wp-content/plugins/booking/js/client.js?ver=10.8 IP 89.116.109.90 ASN #0 Introduced by scriptElement Embedded in HTML false Observations First Seen2024-12-01 06:51 Last Seen2025-05-22 20:01 Times Seen6 Hash 6b4e01fedd81e6661149d375df8b60f4 615807b835e516007cdea958e757c4771296193c e25c3b0c0192a39aeefe3dca4f5e896c90e194dc627806e19662da340c290b9e Loading...

	notarizen.com/wp-content/plugins/booking/includes/_capacity/_out/create_booking.js?ver=10.8	ScriptElement	90 kB	2024-09-09	2025-05-22
Pretty URL notarizen.com/wp-content/plugins/booking/includes/_capacity/_out/create_booking.js?ver=10.8 IP 89.116.109.90 ASN #0 Introduced by scriptElement Embedded in HTML false Observations First Seen2024-09-09 23:28 Last Seen2025-05-22 20:01 Times Seen14 Hash 0bbb4e620f2a85f8d68cb8a4351fc5ab 15479ebdc1dfea7ed4a7024b6a675138978e7e3e e5902e2fcbd5dd964116bb9cc464cd83f0d6d23d6f4a9e2f963269d411bef1fa Loading...

	notarizen.com/wp-content/plugins/booking/js/wpbc_time-selector.js?ver=10.8	ScriptElement	3.8 kB	2024-12-01	2025-05-22
Pretty URL notarizen.com/wp-content/plugins/booking/js/wpbc_time-selector.js?ver=10.8 IP 89.116.109.90 ASN #0 Introduced by scriptElement Embedded in HTML false Observations First Seen2024-12-01 06:51 Last Seen2025-05-22 20:01 Times Seen6 Hash 4d034081f2fb6631b371fd54a844d9a7 8d17f829dad0b57188295243b6258f84d62a11c9 f31c2c1847e78fe1f73bf18212764a53bc1a32775e82096a23700c3cafb95449 Loading...

	notarizen.com/	ScriptElement	3.5 kB	2024-12-07	2024-12-07
Pretty URL notarizen.com/ IP 89.116.109.90 ASN #0 Introduced by scriptElement Embedded in HTML true Observations First Seen2024-12-07 15:17 Last Seen2024-12-07 15:17 Times Seen1 Hash 119a15b4056774f69f9c18f0b57e592f a111eea1e49e78ee42c697ad9c877514ac33ff5c 148cbe93be4338bfc3b35a54119d9806c820029552a435bd552037a740e2494c Loading...

	notarizen.com/wp-includes/js/wp-emoji-release.min.js?ver=6.6.2	ScriptElement	19 kB	2024-03-13	2025-06-25
Pretty URL notarizen.com/wp-includes/js/wp-emoji-release.min.js?ver=6.6.2 IP 89.116.109.90 ASN #0 Introduced by scriptElement Embedded in HTML false Observations First Seen2024-03-13 16:02 Last Seen2025-06-25 05:24 Times Seen49386 Hash b976b651932bfd25b9ddb5b7693d88a7 7fcb7cb5c11227f9213b1e08a07d0212209e1432 4e6ce5444c7f396cef0eb1fa3611034151e485dd06fbe5573a5583e1eebc98c3 Loading...

	notarizen.com/wp-content/themes/gutenify-starter/js/animate.min.js?ver=20241027-184932	ScriptElement	1.4 kB	2023-03-09	2025-06-25
Pretty URL notarizen.com/wp-content/themes/gutenify-starter/js/animate.min.js?ver=20241027-184932 IP 89.116.109.90 ASN #0 Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-09 03:16 Last Seen2025-06-25 04:04 Times Seen79 Hash e8d3b1222107075f441a439bb90f6e25 fd88bf020cc59bc8e5da824f24678a8eae669161 0e39180865c18f77045c6deb0293f2661d53d731d4a8be43e48584659964b59a Loading...

	notarizen.com/	ScriptElement	1.0 kB	2023-11-08	2025-06-25
Pretty URL notarizen.com/ IP 89.116.109.90 ASN #0 Introduced by scriptElement Embedded in HTML true Observations First Seen2023-11-08 09:30 Last Seen2025-06-25 01:16 Times Seen2435 Hash b18ab1c7cbb44f317423b92b75a5d9ac 675c70d0a356d3870095b77c6990e65017982549 66246b04584a56860ade5e12c3469df29af8824d788a619e41907521a17a3bfc Loading...

	notarizen.com/wp-content/plugins/booking/assets/libs/popper/popper.js?ver=10.8	ScriptElement	71 kB	2023-03-07	2025-06-24
Pretty URL notarizen.com/wp-content/plugins/booking/assets/libs/popper/popper.js?ver=10.8 IP 89.116.109.90 ASN #0 Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 01:40 Last Seen2025-06-24 17:04 Times Seen94 Hash dfb9cba519a70c2bfcfeeb4955ce3e97 f34df190f253b3af9c64537582fc37e63a867847 876ac511c1616c3489bfc74f6815cbe4fa44673d8db7faa61e3df9aa9db50662 Loading...

	notarizen.com/wp-includes/js/wp-util.min.js?ver=6.6.2	ScriptElement	1.4 kB	2023-03-08	2025-06-25
Pretty URL notarizen.com/wp-includes/js/wp-util.min.js?ver=6.6.2 IP 89.116.109.90 ASN #0 Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-08 14:26 Last Seen2025-06-25 05:36 Times Seen21746 Hash 19d386c9004e54941c1cc61d357efa5d 0a77594006c8d86fdcc0adbc2b9aecaef3869586 3bc6467a95cec8fa516c6f5f69e1301e37e16f9bb1046fe7756729249f901b95 Loading...

	notarizen.com/wp-content/plugins/booking/js/datepick/jquery.datepick.wpbc.9.0.js?ver=10.8	ScriptElement	104 kB	2024-09-09	2025-05-22
Pretty URL notarizen.com/wp-content/plugins/booking/js/datepick/jquery.datepick.wpbc.9.0.js?ver=10.8 IP 89.116.109.90 ASN #0 Introduced by scriptElement Embedded in HTML false Observations First Seen2024-09-09 23:28 Last Seen2025-05-22 20:01 Times Seen16 Hash 91c2e7481e8b973056c1858b3000a28a f9badab5fa5a52cd97b9eaf8fc3361c8129305e4 53db4ac2da4dd5613888a84bc4058790c3a64bf659b941efad47b6a2de2ac3ec Loading...

	notarizen.com/wp-content/plugins/booking/js/wpbc_times.js?ver=10.8	ScriptElement	25 kB	2024-12-01	2025-05-22
Pretty URL notarizen.com/wp-content/plugins/booking/js/wpbc_times.js?ver=10.8 IP 89.116.109.90 ASN #0 Introduced by scriptElement Embedded in HTML false Observations First Seen2024-12-01 06:51 Last Seen2025-05-22 20:01 Times Seen7 Hash 823cf651a4c344747479450534723188 a02b64148c81565e5a19160af5880519aace0feb df2587bcdcd9cc8a7df9bd366c17b7e1aa8af30c37878f6f47dc3ba96db1821c Loading...

	notarizen.com/wp-content/plugins/booking/core/timeline/v2/_out/timeline_v2.js?ver=10.8	ScriptElement	8.3 kB	2024-09-09	2025-05-22
Pretty URL notarizen.com/wp-content/plugins/booking/core/timeline/v2/_out/timeline_v2.js?ver=10.8 IP 89.116.109.90 ASN #0 Introduced by scriptElement Embedded in HTML false Observations First Seen2024-09-09 23:28 Last Seen2025-05-22 20:01 Times Seen14 Hash 998d9357fefec9bd5440f4d40411cbb8 373c07a6c86740e247344a5108441100931f217f 75e32e7053423ea1adc9de4c35ecdd2da7b98750c7ab36c89f6d8ffd549d470a Loading...

	notarizen.com/wp-includes/js/underscore.min.js?ver=1.13.4	ScriptElement	19 kB	2023-03-08	2025-06-25
Pretty URL notarizen.com/wp-includes/js/underscore.min.js?ver=1.13.4 IP 89.116.109.90 ASN #0 Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-08 14:26 Last Seen2025-06-25 04:13 Times Seen22267 Hash f88d5720bb454ed5d204cbdb56901f6b f1952292fde4b15936e9aac16b2b9896684db95b 726b820e44f6ab90ad991d30a4bf26d3a5d71493cbcd1fb1efd0d14e89b9df2a Loading...

	notarizen.com/	ScriptElement	70 B	2023-03-07	2025-06-25
Pretty URL notarizen.com/ IP 89.116.109.90 ASN #0 Introduced by scriptElement Embedded in HTML true Observations First Seen2023-03-07 01:07 Last Seen2025-06-25 05:20 Times Seen7906 Hash 4ff152a840e29705f2933718a2571bc3 6c7ed239bcd74ab7a0ea03b3dd4ab74ffceaff49 e426295764322c0b4d881b5da28c2591e9ff651fc07636da1e2979a62a2f349c Loading...

	notarizen.com/wp-includes/js/jquery/jquery.min.js?ver=3.7.1	ScriptElement	88 kB	2023-11-03	2025-06-25
Pretty URL notarizen.com/wp-includes/js/jquery/jquery.min.js?ver=3.7.1 IP 89.116.109.90 ASN #0 Introduced by scriptElement Embedded in HTML false Observations First Seen2023-11-03 09:26 Last Seen2025-06-25 05:37 Times Seen110587 Hash 826eb77e86b02ab7724fe3d0141ff87c 79cd3587d565afe290076a8d36c31c305a573d18 cb6f2d32c49d1c2b25e9ffc9aaafa3f83075346c01bcd4ae6eb187392a4292cf Loading...

HTTP Transactions (72)

URL IP Response Size

GET notarizen.com/

89.116.109.90

403 Forbidden

2.4 kB

URL User Request GET HTTP/2
notarizen.com/
IP
89.116.109.90:443
ASN
#0

Certificate
IssuerLet's Encrypt
Subjectnotarizen.com
FingerprintD9:A9:D1:EE:07:A7:4C:83:7C:27:3B:5A:8E:9A:B8:73:90:8F:24:5C
ValiditySun, 27 Oct 2024 17:03:44 GMT - Sat, 25 Jan 2025 17:03:43 GMT

File type
HTML document, ASCII text, with very long lines (4792), with no line terminators
Size
2.4 kB (2393 bytes)
Hash
b649bb4bbcec6444434d2df7501effb6
f8a04ac654e2234fa2644abf8e293d02bc01c8fd
c2779250c7e25bb12281a890f3ec61c3585c5bbad82fbbb55a3068191004fc4a

Detections

Analyzer	Verdict	Alert
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET / HTTP/1.1
Host: notarizen.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
DNT: 1
Connection: keep-alive
Upgrade-Insecure-Requests: 1
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 403 Forbidden
Date: Sat, 07 Dec 2024 15:17:05 GMT
Content-Type: text/html
Content-Length: 2393
Connection: keep-alive
Vary: Accept-Encoding
Content-Encoding: gzip
Cross-Origin-Embedder-Policy: require-corp
Cross-Origin-Opener-Policy: same-origin
Cross-Origin-Resource-Policy: same-origin
Permissions-Policy: accelerometer=(),autoplay=(),camera=(),clipboard-read=(),clipboard-write=(),geolocation=(),gyroscope=(),hid=(),interest-cohort=(),magnetometer=(),microphone=(),payment=(),publickey-credentials-get=(),screen-wake-lock=(),serial=(),sync-xhr=(),usb=()
Referrer-Policy: same-origin
X-Frame-Options: SAMEORIGIN
Cache-Control: private, max-age=0, no-store, no-cache, must-revalidate, post-check=0, pre-check=0
Expires: Thu, 01 Jan 1970 00:00:01 GMT
Server: hcdn
alt-svc: h3=":443"; ma=86400
x-hcdn-request-id: 92b67b0bfbdb28185b878ff11d2dbd5d-fast-edge4

notarizen.com/hcdn-cgi/jschallenge

89.116.109.90

200 OK

134 B

URL
notarizen.com/hcdn-cgi/jschallenge
IP
89.116.109.90:0
ASN
#0

Certificate
IssuerLet's Encrypt
Subjectnotarizen.com
FingerprintD9:A9:D1:EE:07:A7:4C:83:7C:27:3B:5A:8E:9A:B8:73:90:8F:24:5C
ValiditySun, 27 Oct 2024 17:03:44 GMT - Sat, 25 Jan 2025 17:03:43 GMT

File type
ASCII text
Size
134 B (134 bytes)
Hash
57a36daecc1237d677c11f1dd3083762
127de039b1f67f0ab6d47354f3f58272b08bb410
e07c94cc279e34774d532980527ed35e61b5f301155ba3a459d321c6b91e331e

Detections

Analyzer	Verdict	Alert
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /hcdn-cgi/jschallenge HTTP/1.1
Host: notarizen.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Referer: http://notarizen.com/
DNT: 1
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Date: Sat, 07 Dec 2024 15:17:05 GMT
Content-Type: application/javascript
Transfer-Encoding: chunked
Connection: keep-alive
Vary: Accept-Encoding
Server: hcdn
alt-svc: h3=":443"; ma=86400
x-hcdn-request-id: 749a5a83239d30c84b846b37af095fc5-fast-edge4
Cross-Origin-Embedder-Policy: require-corp
Cross-Origin-Opener-Policy: same-origin
Cross-Origin-Resource-Policy: same-origin
Permissions-Policy: accelerometer=(),autoplay=(),camera=(),clipboard-read=(),clipboard-write=(),geolocation=(),gyroscope=(),hid=(),interest-cohort=(),magnetometer=(),microphone=(),payment=(),publickey-credentials-get=(),screen-wake-lock=(),serial=(),sync-xhr=(),usb=()
Referrer-Policy: same-origin
X-Frame-Options: SAMEORIGIN
Cache-Control: private, max-age=0, no-store, no-cache, must-revalidate, post-check=0, pre-check=0
Expires: Thu, 01 Jan 1970 00:00:01 GMT
Content-Encoding: gzip

notarizen.com/favicon.ico

89.116.109.90

403 Forbidden

2.4 kB

URL
notarizen.com/favicon.ico
IP
89.116.109.90:0
ASN
#0

Certificate
IssuerLet's Encrypt
Subjectnotarizen.com
FingerprintD9:A9:D1:EE:07:A7:4C:83:7C:27:3B:5A:8E:9A:B8:73:90:8F:24:5C
ValiditySun, 27 Oct 2024 17:03:44 GMT - Sat, 25 Jan 2025 17:03:43 GMT

File type
HTML document, ASCII text, with very long lines (4792), with no line terminators
Size
2.4 kB (2393 bytes)
Hash
b649bb4bbcec6444434d2df7501effb6
f8a04ac654e2234fa2644abf8e293d02bc01c8fd
c2779250c7e25bb12281a890f3ec61c3585c5bbad82fbbb55a3068191004fc4a

Detections

Analyzer	Verdict	Alert
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /favicon.ico HTTP/1.1
Host: notarizen.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Referer: http://notarizen.com/
DNT: 1
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 403 Forbidden
Date: Sat, 07 Dec 2024 15:17:05 GMT
Content-Type: text/html
Content-Length: 2393
Connection: keep-alive
Vary: Accept-Encoding
Content-Encoding: gzip
Cross-Origin-Embedder-Policy: require-corp
Cross-Origin-Opener-Policy: same-origin
Cross-Origin-Resource-Policy: same-origin
Permissions-Policy: accelerometer=(),autoplay=(),camera=(),clipboard-read=(),clipboard-write=(),geolocation=(),gyroscope=(),hid=(),interest-cohort=(),magnetometer=(),microphone=(),payment=(),publickey-credentials-get=(),screen-wake-lock=(),serial=(),sync-xhr=(),usb=()
Referrer-Policy: same-origin
X-Frame-Options: SAMEORIGIN
Cache-Control: private, max-age=0, no-store, no-cache, must-revalidate, post-check=0, pre-check=0
Expires: Thu, 01 Jan 1970 00:00:01 GMT
Server: hcdn
alt-svc: h3=":443"; ma=86400
x-hcdn-request-id: d05dd8af076776dcb3bd2af83e0a7c9d-fast-edge4

notarizen.com/hcdn-cgi/jschallenge-validate

89.116.109.90

200 OK

0 B

URL
notarizen.com/hcdn-cgi/jschallenge-validate
IP
89.116.109.90:0
ASN
#0

Certificate
IssuerLet's Encrypt
Subjectnotarizen.com
FingerprintD9:A9:D1:EE:07:A7:4C:83:7C:27:3B:5A:8E:9A:B8:73:90:8F:24:5C
ValiditySun, 27 Oct 2024 17:03:44 GMT - Sat, 25 Jan 2025 17:03:43 GMT

File type

Size
0 B (0 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Detections

Analyzer	Verdict	Alert
Quad9 DNS	malicious	Sinkholed

HTTP Headers

POST /hcdn-cgi/jschallenge-validate HTTP/1.1
Host: notarizen.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Referer: http://notarizen.com/
Content-Type: application/x-www-form-urlencoded
Content-Length: 74
Origin: http://notarizen.com
DNT: 1
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Date: Sat, 07 Dec 2024 15:17:08 GMT
Content-Type: application/octet-stream
Transfer-Encoding: chunked
Connection: keep-alive
Set-Cookie: hcdn=AQEAOKVlxXYfqLwcCpmKG8Hhm6o7dqxpeLQKcQQV0ekdYUD0ZlRnAAAAAADOAABgWAvhqrTt-yJjnVXKXcP2AAAAXHRE5ASgIjOGK8F26bAyvg; Path=/; SameSite=Lax; HttpOnly
Server: hcdn
alt-svc: h3=":443"; ma=86400
x-hcdn-request-id: 2c3fe7fa03ab93f8e1ab75d88b9b855f-fast-edge4
Cross-Origin-Embedder-Policy: require-corp
Cross-Origin-Opener-Policy: same-origin
Cross-Origin-Resource-Policy: same-origin
Permissions-Policy: accelerometer=(),autoplay=(),camera=(),clipboard-read=(),clipboard-write=(),geolocation=(),gyroscope=(),hid=(),interest-cohort=(),magnetometer=(),microphone=(),payment=(),publickey-credentials-get=(),screen-wake-lock=(),serial=(),sync-xhr=(),usb=()
Referrer-Policy: same-origin
X-Frame-Options: SAMEORIGIN
Cache-Control: private, max-age=0, no-store, no-cache, must-revalidate, post-check=0, pre-check=0
Expires: Thu, 01 Jan 1970 00:00:01 GMT

GET notarizen.com/wp-content/themes/gutenify-starter/style.css?ver=6.6.2

89.116.109.90

200 OK

8.5 kB

URL GET HTTP/2
notarizen.com/wp-content/themes/gutenify-starter/style.css?ver=6.6.2
IP
89.116.109.90:443
ASN
#0

Requested by
https://notarizen.com/
Certificate
IssuerLet's Encrypt
Subjectnotarizen.com
FingerprintD9:A9:D1:EE:07:A7:4C:83:7C:27:3B:5A:8E:9A:B8:73:90:8F:24:5C
ValiditySun, 27 Oct 2024 17:03:44 GMT - Sat, 25 Jan 2025 17:03:43 GMT

File type
Unicode text, UTF-8 text, with very long lines (1382)
Size
8.5 kB (8542 bytes)
Hash
18a755bea5ba41078347937b85cf176c
8e33607779b7fff856792d84974da990531b019a
c5828f9ef683773844b5a1d1dbc44cc6cb627d330b55b43cfaa24e7e55875e7c

Detections

Analyzer	Verdict	Alert
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /wp-content/themes/gutenify-starter/style.css?ver=6.6.2 HTTP/1.1
Host: notarizen.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://notarizen.com/
Cookie: hcdn=AQEAOKVlxXYfqLwcCpmKG8Hhm6o7dqxpeLQKcQQV0ekdYUD0ZlRnAAAAAADOAABgWAvhqrTt-yJjnVXKXcP2AAAAXHRE5ASgIjOGK8F26bAyvg
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/2 200 OK
date: Sat, 07 Dec 2024 15:17:09 GMT
content-type: text/css
content-length: 8542
cache-control: public, max-age=2592000
expires: Mon, 06 Jan 2025 15:17:09 GMT
last-modified: Sun, 27 Oct 2024 18:49:33 GMT
etag: "d2b8-671e8b3d-1572b784997b02cb;br"
content-encoding: br
platform: hostinger
panel: hpanel
content-security-policy: upgrade-insecure-requests
x-turbo-charged-by: LiteSpeed
server: hcdn
alt-svc: h3=":443"; ma=86400
x-hcdn-request-id: a27bb47af7066dbfd2ff50c8a7d05140-fast-edge4
x-hcdn-cache-status: MISS
x-hcdn-upstream-rt: 0.214
accept-ranges: bytes
X-Firefox-Spdy: h2

GET notarizen.com/wp-includes/blocks/social-links/style.min.css?ver=6.6.2

89.116.109.90

200 OK

1.5 kB

URL GET HTTP/2
notarizen.com/wp-includes/blocks/social-links/style.min.css?ver=6.6.2
IP
89.116.109.90:443
ASN
#0

Requested by
https://notarizen.com/
Certificate
IssuerLet's Encrypt
Subjectnotarizen.com
FingerprintD9:A9:D1:EE:07:A7:4C:83:7C:27:3B:5A:8E:9A:B8:73:90:8F:24:5C
ValiditySun, 27 Oct 2024 17:03:44 GMT - Sat, 25 Jan 2025 17:03:43 GMT

File type
ASCII text, with very long lines (11600), with no line terminators
Size
1.5 kB (1462 bytes)
Hash
1e40916c24a957995589b20c3b145e55
d31bfce420030e49e51a5714f07ff2c31b812848
76371afa5c61a7b704fc29dcbdaddc1720b4e0d388ba6b04b55b4ad68abd73ca

Detections

Analyzer	Verdict	Alert
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /wp-includes/blocks/social-links/style.min.css?ver=6.6.2 HTTP/1.1
Host: notarizen.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://notarizen.com/
Cookie: hcdn=AQEAOKVlxXYfqLwcCpmKG8Hhm6o7dqxpeLQKcQQV0ekdYUD0ZlRnAAAAAADOAABgWAvhqrTt-yJjnVXKXcP2AAAAXHRE5ASgIjOGK8F26bAyvg
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/2 200 OK
date: Sat, 07 Dec 2024 15:17:09 GMT
content-type: text/css
content-length: 1462
cache-control: public, max-age=2592000
expires: Mon, 06 Jan 2025 15:17:09 GMT
last-modified: Sun, 27 Oct 2024 18:00:58 GMT
etag: "2d50-671e7fda-8ae5c46a187e9e0d;br"
content-encoding: br
platform: hostinger
panel: hpanel
content-security-policy: upgrade-insecure-requests
x-turbo-charged-by: LiteSpeed
server: hcdn
alt-svc: h3=":443"; ma=86400
x-hcdn-request-id: 05cbaae2a394986a51873ceda6a11808-fast-edge4
x-hcdn-cache-status: MISS
x-hcdn-upstream-rt: 0.233
accept-ranges: bytes
X-Firefox-Spdy: h2

GET notarizen.com/wp-content/plugins/booking/assets/libs/bootstrap-css/css/bootstrap-theme.css?ver=10.8

89.116.109.90

200 OK

2.5 kB

URL GET HTTP/2
notarizen.com/wp-content/plugins/booking/assets/libs/bootstrap-css/css/bootstrap-theme.css?ver=10.8
IP
89.116.109.90:443
ASN
#0

Requested by
https://notarizen.com/
Certificate
IssuerLet's Encrypt
Subjectnotarizen.com
FingerprintD9:A9:D1:EE:07:A7:4C:83:7C:27:3B:5A:8E:9A:B8:73:90:8F:24:5C
ValiditySun, 27 Oct 2024 17:03:44 GMT - Sat, 25 Jan 2025 17:03:43 GMT

File type
ASCII text, with CRLF line terminators
Size
2.5 kB (2504 bytes)
Hash
79b12342c0c9ff028abe94da7fc86a63
82cc341e1643f884ffd7f6abcfebc83428e5fea4
b143244b6b6b5e2163952143b94e57841d7dd53bf6e85a88dab9c663bd73bb98

Detections

Analyzer	Verdict	Alert
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /wp-content/plugins/booking/assets/libs/bootstrap-css/css/bootstrap-theme.css?ver=10.8 HTTP/1.1
Host: notarizen.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://notarizen.com/
Cookie: hcdn=AQEAOKVlxXYfqLwcCpmKG8Hhm6o7dqxpeLQKcQQV0ekdYUD0ZlRnAAAAAADOAABgWAvhqrTt-yJjnVXKXcP2AAAAXHRE5ASgIjOGK8F26bAyvg
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/2 200 OK
date: Sat, 07 Dec 2024 15:17:09 GMT
content-type: text/css
content-length: 2504
cache-control: public, max-age=2592000
expires: Mon, 06 Jan 2025 15:17:09 GMT
last-modified: Wed, 27 Nov 2024 16:16:52 GMT
etag: "71ee-674745f4-f9ca536495b4429;br"
content-encoding: br
platform: hostinger
panel: hpanel
content-security-policy: upgrade-insecure-requests
x-turbo-charged-by: LiteSpeed
server: hcdn
alt-svc: h3=":443"; ma=86400
x-hcdn-request-id: 60dfccf487b91eb11d6ad0e564658594-fast-edge4
x-hcdn-cache-status: MISS
x-hcdn-upstream-rt: 0.227
accept-ranges: bytes
X-Firefox-Spdy: h2

GET notarizen.com/wp-content/plugins/booking/assets/libs/tippy.js/themes/wpbc-tippy-times.css?ver=10.8

89.116.109.90

200 OK

1.1 kB

URL GET HTTP/2
notarizen.com/wp-content/plugins/booking/assets/libs/tippy.js/themes/wpbc-tippy-times.css?ver=10.8
IP
89.116.109.90:443
ASN
#0

Requested by
https://notarizen.com/
Certificate
IssuerLet's Encrypt
Subjectnotarizen.com
FingerprintD9:A9:D1:EE:07:A7:4C:83:7C:27:3B:5A:8E:9A:B8:73:90:8F:24:5C
ValiditySun, 27 Oct 2024 17:03:44 GMT - Sat, 25 Jan 2025 17:03:43 GMT

File type
ASCII text, with very long lines (335), with CRLF line terminators
Size
1.1 kB (1105 bytes)
Hash
ddb2e46b55c29038bf88c43d5baa6604
dc57f2e0eda7e011b62e6b80c50de39e555ae94c
f1619ef73c5997e28fff6d18ac1374764dd9f84bdca2ceba0c46d6a5cde3b8d9

Detections

Analyzer	Verdict	Alert
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /wp-content/plugins/booking/assets/libs/tippy.js/themes/wpbc-tippy-times.css?ver=10.8 HTTP/1.1
Host: notarizen.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://notarizen.com/
Cookie: hcdn=AQEAOKVlxXYfqLwcCpmKG8Hhm6o7dqxpeLQKcQQV0ekdYUD0ZlRnAAAAAADOAABgWAvhqrTt-yJjnVXKXcP2AAAAXHRE5ASgIjOGK8F26bAyvg
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/2 200 OK
date: Sat, 07 Dec 2024 15:17:09 GMT
content-type: text/css
content-length: 1105
cache-control: public, max-age=2592000
expires: Mon, 06 Jan 2025 15:17:09 GMT
last-modified: Wed, 27 Nov 2024 16:16:52 GMT
etag: "1264-674745f4-c25df9561a386b9d;br"
content-encoding: br
platform: hostinger
panel: hpanel
content-security-policy: upgrade-insecure-requests
x-turbo-charged-by: LiteSpeed
server: hcdn
alt-svc: h3=":443"; ma=86400
x-hcdn-request-id: 658f92cdab0acf8e068d0d0fe2064d6d-fast-edge4
x-hcdn-cache-status: MISS
x-hcdn-upstream-rt: 0.227
accept-ranges: bytes
X-Firefox-Spdy: h2

GET notarizen.com/wp-content/plugins/booking/css/wpbc_ui_both.css?ver=10.8

89.116.109.90

200 OK

905 B

URL GET HTTP/2
notarizen.com/wp-content/plugins/booking/css/wpbc_ui_both.css?ver=10.8
IP
89.116.109.90:443
ASN
#0

Requested by
https://notarizen.com/
Certificate
IssuerLet's Encrypt
Subjectnotarizen.com
FingerprintD9:A9:D1:EE:07:A7:4C:83:7C:27:3B:5A:8E:9A:B8:73:90:8F:24:5C
ValiditySun, 27 Oct 2024 17:03:44 GMT - Sat, 25 Jan 2025 17:03:43 GMT

File type
ASCII text, with CRLF line terminators
Size
905 B (905 bytes)
Hash
d067b1c4e523d4c132e73a1bb95d6f42
a25d682bd44ddd3c4090e0c4aff1ff78046f832a
d0ded3f4b6a429d81d22ed2f62b2210476e5a99bd31c923949907de84f51f934

Detections

Analyzer	Verdict	Alert
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /wp-content/plugins/booking/css/wpbc_ui_both.css?ver=10.8 HTTP/1.1
Host: notarizen.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://notarizen.com/
Cookie: hcdn=AQEAOKVlxXYfqLwcCpmKG8Hhm6o7dqxpeLQKcQQV0ekdYUD0ZlRnAAAAAADOAABgWAvhqrTt-yJjnVXKXcP2AAAAXHRE5ASgIjOGK8F26bAyvg
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/2 200 OK
date: Sat, 07 Dec 2024 15:17:09 GMT
content-type: text/css
content-length: 905
cache-control: public, max-age=2592000
expires: Mon, 06 Jan 2025 15:17:09 GMT
last-modified: Wed, 27 Nov 2024 16:16:52 GMT
etag: "1a9f-674745f4-41483a64ef5695d3;br"
content-encoding: br
platform: hostinger
panel: hpanel
content-security-policy: upgrade-insecure-requests
x-turbo-charged-by: LiteSpeed
server: hcdn
alt-svc: h3=":443"; ma=86400
x-hcdn-request-id: 05d981b87df6332974f4d418ad4aa5b6-fast-edge4
x-hcdn-cache-status: MISS
x-hcdn-upstream-rt: 0.213
accept-ranges: bytes
X-Firefox-Spdy: h2

GET notarizen.com/wp-content/plugins/booking/css/_out/wpbc_fe__form_fields.css?ver=10.8

89.116.109.90

200 OK

3.1 kB

URL GET HTTP/2
notarizen.com/wp-content/plugins/booking/css/_out/wpbc_fe__form_fields.css?ver=10.8
IP
89.116.109.90:443
ASN
#0

Requested by
https://notarizen.com/
Certificate
IssuerLet's Encrypt
Subjectnotarizen.com
FingerprintD9:A9:D1:EE:07:A7:4C:83:7C:27:3B:5A:8E:9A:B8:73:90:8F:24:5C
ValiditySun, 27 Oct 2024 17:03:44 GMT - Sat, 25 Jan 2025 17:03:43 GMT

File type
ASCII text, with CRLF line terminators
Size
3.1 kB (3056 bytes)
Hash
bdb5aa1f339564105d3fb6b9ecc190d9
19d5f7d021dfebdd6c8f7d989bc26a20551cc89e
b9fb5e4fe6142903a216d773a951121a3a7b574b175d3483d2602f44faf45519

Detections

Analyzer	Verdict	Alert
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /wp-content/plugins/booking/css/_out/wpbc_fe__form_fields.css?ver=10.8 HTTP/1.1
Host: notarizen.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://notarizen.com/
Cookie: hcdn=AQEAOKVlxXYfqLwcCpmKG8Hhm6o7dqxpeLQKcQQV0ekdYUD0ZlRnAAAAAADOAABgWAvhqrTt-yJjnVXKXcP2AAAAXHRE5ASgIjOGK8F26bAyvg
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/2 200 OK
date: Sat, 07 Dec 2024 15:17:09 GMT
content-type: text/css
content-length: 3056
cache-control: public, max-age=2592000
expires: Mon, 06 Jan 2025 15:17:09 GMT
last-modified: Wed, 27 Nov 2024 16:16:52 GMT
etag: "8374-674745f4-600f1c51d69ed4ea;br"
content-encoding: br
platform: hostinger
panel: hpanel
content-security-policy: upgrade-insecure-requests
x-turbo-charged-by: LiteSpeed
server: hcdn
alt-svc: h3=":443"; ma=86400
x-hcdn-request-id: a59b0ebc29e2ed75eaa7c82645461bbf-fast-edge4
x-hcdn-cache-status: MISS
x-hcdn-upstream-rt: 0.216
accept-ranges: bytes
X-Firefox-Spdy: h2

GET notarizen.com/wp-content/themes/gutenify-starter/css/font-awesome/css/all.min.css?ver=5.15.3

89.116.109.90

200 OK

12 kB

URL GET HTTP/2
notarizen.com/wp-content/themes/gutenify-starter/css/font-awesome/css/all.min.css?ver=5.15.3
IP
89.116.109.90:443
ASN
#0

Requested by
https://notarizen.com/
Certificate
IssuerLet's Encrypt
Subjectnotarizen.com
FingerprintD9:A9:D1:EE:07:A7:4C:83:7C:27:3B:5A:8E:9A:B8:73:90:8F:24:5C
ValiditySun, 27 Oct 2024 17:03:44 GMT - Sat, 25 Jan 2025 17:03:43 GMT

File type
ASCII text, with very long lines (59158)
Size
12 kB (12319 bytes)
Hash
74bab4578692993514e7f882cc15c218
b6293bcfd851f963edbe859498570c4c0c7eaae4
d87ddf917b7a1449ab45e2b8e3c98354629bdd65b6659c37e6023bbea1ce1386

Detections

Analyzer	Verdict	Alert
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /wp-content/themes/gutenify-starter/css/font-awesome/css/all.min.css?ver=5.15.3 HTTP/1.1
Host: notarizen.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://notarizen.com/
Cookie: hcdn=AQEAOKVlxXYfqLwcCpmKG8Hhm6o7dqxpeLQKcQQV0ekdYUD0ZlRnAAAAAADOAABgWAvhqrTt-yJjnVXKXcP2AAAAXHRE5ASgIjOGK8F26bAyvg
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/2 200 OK
date: Sat, 07 Dec 2024 15:17:09 GMT
content-type: text/css
content-length: 12319
cache-control: public, max-age=2592000
expires: Mon, 06 Jan 2025 15:17:09 GMT
last-modified: Sun, 27 Oct 2024 18:49:33 GMT
etag: "e7d0-671e8b3d-4c5e8c4fab305a5f;br"
content-encoding: br
platform: hostinger
panel: hpanel
content-security-policy: upgrade-insecure-requests
x-turbo-charged-by: LiteSpeed
server: hcdn
alt-svc: h3=":443"; ma=86400
x-hcdn-request-id: 89db97e840a3b2e06139e206bdbdc09a-fast-edge4
x-hcdn-cache-status: MISS
x-hcdn-upstream-rt: 0.241
accept-ranges: bytes
X-Firefox-Spdy: h2

GET notarizen.com/wp-includes/blocks/cover/style.min.css?ver=6.6.2

89.116.109.90

200 OK

1.4 kB

URL GET HTTP/2
notarizen.com/wp-includes/blocks/cover/style.min.css?ver=6.6.2
IP
89.116.109.90:443
ASN
#0

Requested by
https://notarizen.com/
Certificate
IssuerLet's Encrypt
Subjectnotarizen.com
FingerprintD9:A9:D1:EE:07:A7:4C:83:7C:27:3B:5A:8E:9A:B8:73:90:8F:24:5C
ValiditySun, 27 Oct 2024 17:03:44 GMT - Sat, 25 Jan 2025 17:03:43 GMT

File type
ASCII text, with very long lines (17950), with no line terminators
Size
1.4 kB (1393 bytes)
Hash
fb1e8a7fdb8a1240ec7b90b498ce77d2
62c549867e546e9b70dbba51b299d0a884dd5df3
6e5647515297fbefdea571d0b1019a5c1a944114c7a780e6ce3452cb332cc0a0

Detections

Analyzer	Verdict	Alert
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /wp-includes/blocks/cover/style.min.css?ver=6.6.2 HTTP/1.1
Host: notarizen.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://notarizen.com/
Cookie: hcdn=AQEAOKVlxXYfqLwcCpmKG8Hhm6o7dqxpeLQKcQQV0ekdYUD0ZlRnAAAAAADOAABgWAvhqrTt-yJjnVXKXcP2AAAAXHRE5ASgIjOGK8F26bAyvg
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/2 200 OK
date: Sat, 07 Dec 2024 15:17:09 GMT
content-type: text/css
content-length: 1393
cache-control: public, max-age=2592000
expires: Mon, 06 Jan 2025 15:17:09 GMT
last-modified: Sun, 27 Oct 2024 18:00:59 GMT
etag: "461e-671e7fdb-5815f48c9fdc2a1b;br"
content-encoding: br
platform: hostinger
panel: hpanel
content-security-policy: upgrade-insecure-requests
x-turbo-charged-by: LiteSpeed
server: hcdn
alt-svc: h3=":443"; ma=86400
x-hcdn-request-id: 407dede2e1f8c4f8b6bbdb94f33a75c7-fast-edge4
x-hcdn-cache-status: MISS
x-hcdn-upstream-rt: 0.244
accept-ranges: bytes
X-Firefox-Spdy: h2

GET notarizen.com/wp-includes/js/jquery/jquery-migrate.min.js?ver=3.4.1

89.116.109.90

200 OK

4.7 kB

URL GET HTTP/2
notarizen.com/wp-includes/js/jquery/jquery-migrate.min.js?ver=3.4.1
IP
89.116.109.90:443
ASN
#0

Requested by
https://notarizen.com/
Certificate
IssuerLet's Encrypt
Subjectnotarizen.com
FingerprintD9:A9:D1:EE:07:A7:4C:83:7C:27:3B:5A:8E:9A:B8:73:90:8F:24:5C
ValiditySun, 27 Oct 2024 17:03:44 GMT - Sat, 25 Jan 2025 17:03:43 GMT

File type
JavaScript source, ASCII text, with very long lines (13479)
Size
4.7 kB (4671 bytes)
Hash
9ffeb32e2d9efbf8f70caabded242267
3ad0c10e501ac2a9bfa18f9cd7e700219b378738
5274f11e6fb32ae0cf2dfb9f8043272865c397a7c4223b4cfa7d50ea52fbde89

Detections

Analyzer	Verdict	Alert
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /wp-includes/js/jquery/jquery-migrate.min.js?ver=3.4.1 HTTP/1.1
Host: notarizen.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://notarizen.com/
Cookie: hcdn=AQEAOKVlxXYfqLwcCpmKG8Hhm6o7dqxpeLQKcQQV0ekdYUD0ZlRnAAAAAADOAABgWAvhqrTt-yJjnVXKXcP2AAAAXHRE5ASgIjOGK8F26bAyvg
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/2 200 OK
date: Sat, 07 Dec 2024 15:17:09 GMT
content-type: application/x-javascript
content-length: 4671
cache-control: public, max-age=604800
expires: Sat, 14 Dec 2024 15:17:09 GMT
last-modified: Sun, 27 Oct 2024 18:00:58 GMT
etag: "3509-671e7fda-ebca7ffcad0cfd2c;br"
content-encoding: br
platform: hostinger
panel: hpanel
content-security-policy: upgrade-insecure-requests
x-turbo-charged-by: LiteSpeed
server: hcdn
alt-svc: h3=":443"; ma=86400
x-hcdn-request-id: 745722a38e8d30c3e21d754dac951165-fast-edge4
x-hcdn-cache-status: MISS
x-hcdn-upstream-rt: 0.217
accept-ranges: bytes
X-Firefox-Spdy: h2

GET notarizen.com/wp-content/themes/gutenify-starter/css/theme-style.css?ver=20241027-184933

89.116.109.90

200 OK

0 B

URL GET HTTP/2
notarizen.com/wp-content/themes/gutenify-starter/css/theme-style.css?ver=20241027-184933
IP
89.116.109.90:443
ASN
#0

Requested by
https://notarizen.com/
Certificate
IssuerLet's Encrypt
Subjectnotarizen.com
FingerprintD9:A9:D1:EE:07:A7:4C:83:7C:27:3B:5A:8E:9A:B8:73:90:8F:24:5C
ValiditySun, 27 Oct 2024 17:03:44 GMT - Sat, 25 Jan 2025 17:03:43 GMT

File type

Size
0 B (0 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Detections

Analyzer	Verdict	Alert
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /wp-content/themes/gutenify-starter/css/theme-style.css?ver=20241027-184933 HTTP/1.1
Host: notarizen.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://notarizen.com/
Cookie: hcdn=AQEAOKVlxXYfqLwcCpmKG8Hhm6o7dqxpeLQKcQQV0ekdYUD0ZlRnAAAAAADOAABgWAvhqrTt-yJjnVXKXcP2AAAAXHRE5ASgIjOGK8F26bAyvg
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/2 200 OK
date: Sat, 07 Dec 2024 15:17:09 GMT
content-type: text/css
content-length: 0
cache-control: public, max-age=2592000
expires: Mon, 06 Jan 2025 15:17:09 GMT
last-modified: Sun, 27 Oct 2024 18:49:33 GMT
etag: "0-671e8b3d-adfa8aba03f7324c;;;"
platform: hostinger
panel: hpanel
content-security-policy: upgrade-insecure-requests
x-turbo-charged-by: LiteSpeed
server: hcdn
alt-svc: h3=":443"; ma=86400
x-hcdn-request-id: 02ac7fc93b217ab1a03ac33c12e3d29b-fast-edge4
x-hcdn-cache-status: MISS
x-hcdn-upstream-rt: 0.243
accept-ranges: bytes
X-Firefox-Spdy: h2

GET notarizen.com/wp-content/plugins/booking/assets/libs/tippy.js/themes/wpbc-tippy-popover.css?ver=10.8

89.116.109.90

200 OK

945 B

URL GET HTTP/2
notarizen.com/wp-content/plugins/booking/assets/libs/tippy.js/themes/wpbc-tippy-popover.css?ver=10.8
IP
89.116.109.90:443
ASN
#0

Requested by
https://notarizen.com/
Certificate
IssuerLet's Encrypt
Subjectnotarizen.com
FingerprintD9:A9:D1:EE:07:A7:4C:83:7C:27:3B:5A:8E:9A:B8:73:90:8F:24:5C
ValiditySun, 27 Oct 2024 17:03:44 GMT - Sat, 25 Jan 2025 17:03:43 GMT

File type
ASCII text, with very long lines (335), with CRLF line terminators
Size
945 B (945 bytes)
Hash
39557cad5c6781f85ae62f6afb795e47
87dca86733fd0f74e3feff5f149ab87e847378b3
5e5e3bf769e43f16b18cdd79815a1488f4f79918549fdbb70829ffdbde78573a

Detections

Analyzer	Verdict	Alert
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /wp-content/plugins/booking/assets/libs/tippy.js/themes/wpbc-tippy-popover.css?ver=10.8 HTTP/1.1
Host: notarizen.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://notarizen.com/
Cookie: hcdn=AQEAOKVlxXYfqLwcCpmKG8Hhm6o7dqxpeLQKcQQV0ekdYUD0ZlRnAAAAAADOAABgWAvhqrTt-yJjnVXKXcP2AAAAXHRE5ASgIjOGK8F26bAyvg
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/2 200 OK
date: Sat, 07 Dec 2024 15:17:09 GMT
content-type: text/css
content-length: 945
cache-control: public, max-age=2592000
expires: Mon, 06 Jan 2025 15:17:09 GMT
last-modified: Wed, 27 Nov 2024 16:16:52 GMT
etag: "1128-674745f4-efa27ce63e5f22a9;br"
content-encoding: br
platform: hostinger
panel: hpanel
content-security-policy: upgrade-insecure-requests
x-turbo-charged-by: LiteSpeed
server: hcdn
alt-svc: h3=":443"; ma=86400
x-hcdn-request-id: 687a02d421d62a3cca421ab1432626f4-fast-edge4
x-hcdn-cache-status: MISS
x-hcdn-upstream-rt: 0.244
accept-ranges: bytes
X-Firefox-Spdy: h2

GET notarizen.com/wp-content/themes/gutenify-business-hub/style.css?ver=20241027-184932

89.116.109.90

200 OK

821 B

URL GET HTTP/2
notarizen.com/wp-content/themes/gutenify-business-hub/style.css?ver=20241027-184932
IP
89.116.109.90:443
ASN
#0

Requested by
https://notarizen.com/
Certificate
IssuerLet's Encrypt
Subjectnotarizen.com
FingerprintD9:A9:D1:EE:07:A7:4C:83:7C:27:3B:5A:8E:9A:B8:73:90:8F:24:5C
ValiditySun, 27 Oct 2024 17:03:44 GMT - Sat, 25 Jan 2025 17:03:43 GMT

File type
Unicode text, UTF-8 text, with very long lines (1404)
Size
821 B (821 bytes)
Hash
7cc279228a6d549bed68674ea35fffc9
cc6153b91725d119e5ce63a8c92c804247e3688a
0fd94b1886d88a1013e92133ac52882ff9fe8eb13b57f278189ac1f25c432e7b

Detections

Analyzer	Verdict	Alert
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /wp-content/themes/gutenify-business-hub/style.css?ver=20241027-184932 HTTP/1.1
Host: notarizen.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://notarizen.com/
Cookie: hcdn=AQEAOKVlxXYfqLwcCpmKG8Hhm6o7dqxpeLQKcQQV0ekdYUD0ZlRnAAAAAADOAABgWAvhqrTt-yJjnVXKXcP2AAAAXHRE5ASgIjOGK8F26bAyvg
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/2 200 OK
date: Sat, 07 Dec 2024 15:17:09 GMT
content-type: text/css
content-length: 821
cache-control: public, max-age=2592000
expires: Mon, 06 Jan 2025 15:17:09 GMT
last-modified: Sun, 27 Oct 2024 18:49:32 GMT
etag: "7a0-671e8b3c-eff63c9422e52134;br"
content-encoding: br
platform: hostinger
panel: hpanel
content-security-policy: upgrade-insecure-requests
x-turbo-charged-by: LiteSpeed
server: hcdn
alt-svc: h3=":443"; ma=86400
x-hcdn-request-id: a108b22d392ec12f480720364f4a7d0c-fast-edge4
x-hcdn-cache-status: MISS
x-hcdn-upstream-rt: 0.248
accept-ranges: bytes
X-Firefox-Spdy: h2

GET notarizen.com/wp-content/themes/gutenify-starter/js/animate.min.js?ver=20241027-184932

89.116.109.90

200 OK

460 B

URL GET HTTP/2
notarizen.com/wp-content/themes/gutenify-starter/js/animate.min.js?ver=20241027-184932
IP
89.116.109.90:443
ASN
#0

Requested by
https://notarizen.com/
Certificate
IssuerLet's Encrypt
Subjectnotarizen.com
FingerprintD9:A9:D1:EE:07:A7:4C:83:7C:27:3B:5A:8E:9A:B8:73:90:8F:24:5C
ValiditySun, 27 Oct 2024 17:03:44 GMT - Sat, 25 Jan 2025 17:03:43 GMT

File type
JavaScript source, ASCII text, with very long lines (1377), with no line terminators
Size
460 B (460 bytes)
Hash
e8d3b1222107075f441a439bb90f6e25
fd88bf020cc59bc8e5da824f24678a8eae669161
0e39180865c18f77045c6deb0293f2661d53d731d4a8be43e48584659964b59a

Detections

Analyzer	Verdict	Alert
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /wp-content/themes/gutenify-starter/js/animate.min.js?ver=20241027-184932 HTTP/1.1
Host: notarizen.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://notarizen.com/
Cookie: hcdn=AQEAOKVlxXYfqLwcCpmKG8Hhm6o7dqxpeLQKcQQV0ekdYUD0ZlRnAAAAAADOAABgWAvhqrTt-yJjnVXKXcP2AAAAXHRE5ASgIjOGK8F26bAyvg
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/2 200 OK
date: Sat, 07 Dec 2024 15:17:09 GMT
content-type: application/x-javascript
content-length: 460
cache-control: public, max-age=604800
expires: Sat, 14 Dec 2024 15:17:09 GMT
last-modified: Sun, 27 Oct 2024 18:49:33 GMT
etag: "561-671e8b3d-c801a2cb58e43f3;br"
content-encoding: br
platform: hostinger
panel: hpanel
content-security-policy: upgrade-insecure-requests
x-turbo-charged-by: LiteSpeed
server: hcdn
alt-svc: h3=":443"; ma=86400
x-hcdn-request-id: a73fb7742ea8087570af0c76a67b6397-fast-edge4
x-hcdn-cache-status: MISS
x-hcdn-upstream-rt: 0.226
accept-ranges: bytes
X-Firefox-Spdy: h2

GET notarizen.com/wp-content/themes/gutenify-business-hub/assets/images/icon-clock.png

89.116.109.90

200 OK

482 B

URL GET HTTP/2
notarizen.com/wp-content/themes/gutenify-business-hub/assets/images/icon-clock.png
IP
89.116.109.90:443
ASN
#0

Requested by
https://notarizen.com/
Certificate
IssuerLet's Encrypt
Subjectnotarizen.com
FingerprintD9:A9:D1:EE:07:A7:4C:83:7C:27:3B:5A:8E:9A:B8:73:90:8F:24:5C
ValiditySun, 27 Oct 2024 17:03:44 GMT - Sat, 25 Jan 2025 17:03:43 GMT

File type
RIFF (little-endian) data, Web/P image
Size
482 B (482 bytes)
Hash
48f6e8f7358c981b77a677600e7ceff3
2a8185e2a37e7db4d450cf4e762717c6b6063271
7f4953cf433f76b753e09285f80589c6d0e841cf055b7597c178855074cbb0ac

Detections

Analyzer	Verdict	Alert
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /wp-content/themes/gutenify-business-hub/assets/images/icon-clock.png HTTP/1.1
Host: notarizen.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://notarizen.com/
Cookie: hcdn=AQEAOKVlxXYfqLwcCpmKG8Hhm6o7dqxpeLQKcQQV0ekdYUD0ZlRnAAAAAADOAABgWAvhqrTt-yJjnVXKXcP2AAAAXHRE5ASgIjOGK8F26bAyvg
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/2 200 OK
date: Sat, 07 Dec 2024 15:17:09 GMT
content-type: image/webp
content-length: 482
cache-control: public, max-age=31536000
x-hcdn-image-optimizer: f:webp q:85 w:1600
server: hcdn
alt-svc: h3=":443"; ma=86400
x-hcdn-request-id: a64e1d0b1c67506dfef3ec7125fd6be2-fast-edge4
x-hcdn-cache-status: MISS
x-hcdn-upstream-rt: 0.229
accept-ranges: bytes
X-Firefox-Spdy: h2

GET notarizen.com/wp-content/plugins/booking/js/client.js?ver=10.8

89.116.109.90

200 OK

6.9 kB

URL GET HTTP/2
notarizen.com/wp-content/plugins/booking/js/client.js?ver=10.8
IP
89.116.109.90:443
ASN
#0

Requested by
https://notarizen.com/
Certificate
IssuerLet's Encrypt
Subjectnotarizen.com
FingerprintD9:A9:D1:EE:07:A7:4C:83:7C:27:3B:5A:8E:9A:B8:73:90:8F:24:5C
ValiditySun, 27 Oct 2024 17:03:44 GMT - Sat, 25 Jan 2025 17:03:43 GMT

File type
ASCII text
Size
6.9 kB (6873 bytes)
Hash
6b4e01fedd81e6661149d375df8b60f4
615807b835e516007cdea958e757c4771296193c
e25c3b0c0192a39aeefe3dca4f5e896c90e194dc627806e19662da340c290b9e

Detections

Analyzer	Verdict	Alert
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /wp-content/plugins/booking/js/client.js?ver=10.8 HTTP/1.1
Host: notarizen.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://notarizen.com/
Cookie: hcdn=AQEAOKVlxXYfqLwcCpmKG8Hhm6o7dqxpeLQKcQQV0ekdYUD0ZlRnAAAAAADOAABgWAvhqrTt-yJjnVXKXcP2AAAAXHRE5ASgIjOGK8F26bAyvg
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/2 200 OK
date: Sat, 07 Dec 2024 15:17:09 GMT
content-type: application/x-javascript
content-length: 6873
cache-control: public, max-age=604800
expires: Sat, 14 Dec 2024 15:17:09 GMT
last-modified: Wed, 27 Nov 2024 16:16:52 GMT
etag: "87f7-674745f4-5e4194441f9d6d5e;br"
content-encoding: br
platform: hostinger
panel: hpanel
content-security-policy: upgrade-insecure-requests
x-turbo-charged-by: LiteSpeed
server: hcdn
alt-svc: h3=":443"; ma=86400
x-hcdn-request-id: 1f04170df082f811ffa06f11ae35a652-fast-edge4
x-hcdn-cache-status: MISS
x-hcdn-upstream-rt: 0.230
accept-ranges: bytes
X-Firefox-Spdy: h2

GET notarizen.com/wp-content/plugins/booking/css/wpbc_time-selector.css?ver=10.8

89.116.109.90

200 OK

454 B

URL GET HTTP/2
notarizen.com/wp-content/plugins/booking/css/wpbc_time-selector.css?ver=10.8
IP
89.116.109.90:443
ASN
#0

Requested by
https://notarizen.com/
Certificate
IssuerLet's Encrypt
Subjectnotarizen.com
FingerprintD9:A9:D1:EE:07:A7:4C:83:7C:27:3B:5A:8E:9A:B8:73:90:8F:24:5C
ValiditySun, 27 Oct 2024 17:03:44 GMT - Sat, 25 Jan 2025 17:03:43 GMT

File type
ASCII text, with CRLF line terminators
Size
454 B (454 bytes)
Hash
401476caa6f3fcb303a4d52a901797eb
8915cc60d578a9eaa929b955e91b554a63460f71
1bb6b1229becb6717ebf84310d26249c535453b997fc48349c5c862b2c6e7a1e

Detections

Analyzer	Verdict	Alert
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /wp-content/plugins/booking/css/wpbc_time-selector.css?ver=10.8 HTTP/1.1
Host: notarizen.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://notarizen.com/
Cookie: hcdn=AQEAOKVlxXYfqLwcCpmKG8Hhm6o7dqxpeLQKcQQV0ekdYUD0ZlRnAAAAAADOAABgWAvhqrTt-yJjnVXKXcP2AAAAXHRE5ASgIjOGK8F26bAyvg
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/2 200 OK
date: Sat, 07 Dec 2024 15:17:09 GMT
content-type: text/css
content-length: 454
cache-control: public, max-age=2592000
expires: Mon, 06 Jan 2025 15:17:09 GMT
last-modified: Wed, 27 Nov 2024 16:16:52 GMT
etag: "500-674745f4-60bed38a6c83c4c3;br"
content-encoding: br
platform: hostinger
panel: hpanel
content-security-policy: upgrade-insecure-requests
x-turbo-charged-by: LiteSpeed
server: hcdn
alt-svc: h3=":443"; ma=86400
x-hcdn-request-id: 56bb6c297f3c974dde85cdfe8386e5a7-fast-edge4
x-hcdn-cache-status: MISS
x-hcdn-upstream-rt: 0.233
accept-ranges: bytes
X-Firefox-Spdy: h2

GET notarizen.com/wp-content/plugins/booking/css/time_picker_skins/light__24_8.css?ver=10.8

89.116.109.90

200 OK

422 B

URL GET HTTP/2
notarizen.com/wp-content/plugins/booking/css/time_picker_skins/light__24_8.css?ver=10.8
IP
89.116.109.90:443
ASN
#0

Requested by
https://notarizen.com/
Certificate
IssuerLet's Encrypt
Subjectnotarizen.com
FingerprintD9:A9:D1:EE:07:A7:4C:83:7C:27:3B:5A:8E:9A:B8:73:90:8F:24:5C
ValiditySun, 27 Oct 2024 17:03:44 GMT - Sat, 25 Jan 2025 17:03:43 GMT

File type
ASCII text, with CRLF line terminators
Size
422 B (422 bytes)
Hash
c94f34d909ed81840ed0ce109ba8019c
1102872ab5250c4f4ff81fcad99b81df61e56a68
df7654f36a4a88fc3c23af79783525ca0b448cf2c1bcc2638781f196c9121bb8

Detections

Analyzer	Verdict	Alert
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /wp-content/plugins/booking/css/time_picker_skins/light__24_8.css?ver=10.8 HTTP/1.1
Host: notarizen.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://notarizen.com/
Cookie: hcdn=AQEAOKVlxXYfqLwcCpmKG8Hhm6o7dqxpeLQKcQQV0ekdYUD0ZlRnAAAAAADOAABgWAvhqrTt-yJjnVXKXcP2AAAAXHRE5ASgIjOGK8F26bAyvg
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/2 200 OK
date: Sat, 07 Dec 2024 15:17:09 GMT
content-type: text/css
content-length: 422
cache-control: public, max-age=2592000
expires: Mon, 06 Jan 2025 15:17:09 GMT
last-modified: Wed, 27 Nov 2024 16:16:52 GMT
etag: "6c3-674745f4-9986c379b0c588f9;br"
content-encoding: br
platform: hostinger
panel: hpanel
content-security-policy: upgrade-insecure-requests
x-turbo-charged-by: LiteSpeed
server: hcdn
alt-svc: h3=":443"; ma=86400
x-hcdn-request-id: 9a3f0240cb60089b8d8b05d96d18b2bd-fast-edge4
x-hcdn-cache-status: MISS
x-hcdn-upstream-rt: 0.233
accept-ranges: bytes
X-Firefox-Spdy: h2

GET notarizen.com/wp-content/plugins/booking/core/timeline/v2/_out/timeline_v2.js?ver=10.8

89.116.109.90

200 OK

3.6 kB

URL GET HTTP/2
notarizen.com/wp-content/plugins/booking/core/timeline/v2/_out/timeline_v2.js?ver=10.8
IP
89.116.109.90:443
ASN
#0

Requested by
https://notarizen.com/
Certificate
IssuerLet's Encrypt
Subjectnotarizen.com
FingerprintD9:A9:D1:EE:07:A7:4C:83:7C:27:3B:5A:8E:9A:B8:73:90:8F:24:5C
ValiditySun, 27 Oct 2024 17:03:44 GMT - Sat, 25 Jan 2025 17:03:43 GMT

File type
JavaScript source, ASCII text, with very long lines (5927)
Size
3.6 kB (3598 bytes)
Hash
998d9357fefec9bd5440f4d40411cbb8
373c07a6c86740e247344a5108441100931f217f
75e32e7053423ea1adc9de4c35ecdd2da7b98750c7ab36c89f6d8ffd549d470a

Detections

Analyzer	Verdict	Alert
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /wp-content/plugins/booking/core/timeline/v2/_out/timeline_v2.js?ver=10.8 HTTP/1.1
Host: notarizen.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://notarizen.com/
Cookie: hcdn=AQEAOKVlxXYfqLwcCpmKG8Hhm6o7dqxpeLQKcQQV0ekdYUD0ZlRnAAAAAADOAABgWAvhqrTt-yJjnVXKXcP2AAAAXHRE5ASgIjOGK8F26bAyvg
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/2 200 OK
date: Sat, 07 Dec 2024 15:17:09 GMT
content-type: application/x-javascript
content-length: 3598
cache-control: public, max-age=604800
expires: Sat, 14 Dec 2024 15:17:09 GMT
last-modified: Wed, 27 Nov 2024 16:16:52 GMT
etag: "2057-674745f4-da4ed018c1619ac0;br"
content-encoding: br
platform: hostinger
panel: hpanel
content-security-policy: upgrade-insecure-requests
x-turbo-charged-by: LiteSpeed
server: hcdn
alt-svc: h3=":443"; ma=86400
x-hcdn-request-id: 6fe5d28bcbf2431ca11e89f211e2e160-fast-edge4
x-hcdn-cache-status: MISS
x-hcdn-upstream-rt: 0.234
accept-ranges: bytes
X-Firefox-Spdy: h2

GET notarizen.com/wp-content/plugins/booking/css/skins/24_9__light_square_1.css?ver=10.8

89.116.109.90

200 OK

427 B

URL GET HTTP/2
notarizen.com/wp-content/plugins/booking/css/skins/24_9__light_square_1.css?ver=10.8
IP
89.116.109.90:443
ASN
#0

Requested by
https://notarizen.com/
Certificate
IssuerLet's Encrypt
Subjectnotarizen.com
FingerprintD9:A9:D1:EE:07:A7:4C:83:7C:27:3B:5A:8E:9A:B8:73:90:8F:24:5C
ValiditySun, 27 Oct 2024 17:03:44 GMT - Sat, 25 Jan 2025 17:03:43 GMT

File type
ASCII text, with CRLF line terminators
Size
427 B (427 bytes)
Hash
2a0d24fb45eb4af70736a257b1b1a89d
ce80731f144177fb3df0c1e8908549a0664f2774
37d6a5d83f96bb33876bc4a47bef04641f2470c8599468bd41e4cecff0d43090

Detections

Analyzer	Verdict	Alert
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /wp-content/plugins/booking/css/skins/24_9__light_square_1.css?ver=10.8 HTTP/1.1
Host: notarizen.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://notarizen.com/
Cookie: hcdn=AQEAOKVlxXYfqLwcCpmKG8Hhm6o7dqxpeLQKcQQV0ekdYUD0ZlRnAAAAAADOAABgWAvhqrTt-yJjnVXKXcP2AAAAXHRE5ASgIjOGK8F26bAyvg
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/2 200 OK
date: Sat, 07 Dec 2024 15:17:09 GMT
content-type: text/css
content-length: 427
cache-control: public, max-age=2592000
expires: Mon, 06 Jan 2025 15:17:09 GMT
last-modified: Wed, 27 Nov 2024 16:16:52 GMT
etag: "6b4-674745f4-521abc4bd3e587d0;br"
content-encoding: br
platform: hostinger
panel: hpanel
content-security-policy: upgrade-insecure-requests
x-turbo-charged-by: LiteSpeed
server: hcdn
alt-svc: h3=":443"; ma=86400
x-hcdn-request-id: d8f342088d89b2102568da9f6cd36a61-fast-edge4
x-hcdn-cache-status: MISS
x-hcdn-upstream-rt: 0.236
accept-ranges: bytes
X-Firefox-Spdy: h2

GET notarizen.com/wp-content/plugins/booking/js/wpbc_time-selector.js?ver=10.8

89.116.109.90

200 OK

1.2 kB

URL GET HTTP/2
notarizen.com/wp-content/plugins/booking/js/wpbc_time-selector.js?ver=10.8
IP
89.116.109.90:443
ASN
#0

Requested by
https://notarizen.com/
Certificate
IssuerLet's Encrypt
Subjectnotarizen.com
FingerprintD9:A9:D1:EE:07:A7:4C:83:7C:27:3B:5A:8E:9A:B8:73:90:8F:24:5C
ValiditySun, 27 Oct 2024 17:03:44 GMT - Sat, 25 Jan 2025 17:03:43 GMT

File type
JavaScript source, ASCII text, with CRLF line terminators
Size
1.2 kB (1162 bytes)
Hash
4d034081f2fb6631b371fd54a844d9a7
8d17f829dad0b57188295243b6258f84d62a11c9
f31c2c1847e78fe1f73bf18212764a53bc1a32775e82096a23700c3cafb95449

Detections

Analyzer	Verdict	Alert
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /wp-content/plugins/booking/js/wpbc_time-selector.js?ver=10.8 HTTP/1.1
Host: notarizen.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://notarizen.com/
Cookie: hcdn=AQEAOKVlxXYfqLwcCpmKG8Hhm6o7dqxpeLQKcQQV0ekdYUD0ZlRnAAAAAADOAABgWAvhqrTt-yJjnVXKXcP2AAAAXHRE5ASgIjOGK8F26bAyvg
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/2 200 OK
date: Sat, 07 Dec 2024 15:17:09 GMT
content-type: application/x-javascript
content-length: 1162
cache-control: public, max-age=604800
expires: Sat, 14 Dec 2024 15:17:09 GMT
last-modified: Wed, 27 Nov 2024 16:16:52 GMT
etag: "ebf-674745f4-93194bc22fbd3d63;br"
content-encoding: br
platform: hostinger
panel: hpanel
content-security-policy: upgrade-insecure-requests
x-turbo-charged-by: LiteSpeed
server: hcdn
alt-svc: h3=":443"; ma=86400
x-hcdn-request-id: 3a5e281ca1eb4ba628fdabd972275eab-fast-edge4
x-hcdn-cache-status: MISS
x-hcdn-upstream-rt: 0.238
accept-ranges: bytes
X-Firefox-Spdy: h2

GET notarizen.com/wp-content/plugins/booking/core/timeline/v2/_out/timeline_v2.1.css?ver=10.8

89.116.109.90

200 OK

4.5 kB

URL GET HTTP/2
notarizen.com/wp-content/plugins/booking/core/timeline/v2/_out/timeline_v2.1.css?ver=10.8
IP
89.116.109.90:443
ASN
#0

Requested by
https://notarizen.com/
Certificate
IssuerLet's Encrypt
Subjectnotarizen.com
FingerprintD9:A9:D1:EE:07:A7:4C:83:7C:27:3B:5A:8E:9A:B8:73:90:8F:24:5C
ValiditySun, 27 Oct 2024 17:03:44 GMT - Sat, 25 Jan 2025 17:03:43 GMT

File type
ASCII text, with CRLF line terminators
Size
4.5 kB (4531 bytes)
Hash
d4d357246de80f58274c34e94dc83669
3f9f5c4b49f7be37100a09fa4e3d75c2ec17e6f1
8d698fd3b009577d3e8e65ca555bba6d923af7dcc456965ed0652c9d532fdba5

Detections

Analyzer	Verdict	Alert
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /wp-content/plugins/booking/core/timeline/v2/_out/timeline_v2.1.css?ver=10.8 HTTP/1.1
Host: notarizen.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://notarizen.com/
Cookie: hcdn=AQEAOKVlxXYfqLwcCpmKG8Hhm6o7dqxpeLQKcQQV0ekdYUD0ZlRnAAAAAADOAABgWAvhqrTt-yJjnVXKXcP2AAAAXHRE5ASgIjOGK8F26bAyvg
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/2 200 OK
date: Sat, 07 Dec 2024 15:17:09 GMT
content-type: text/css
content-length: 4531
cache-control: public, max-age=2592000
expires: Mon, 06 Jan 2025 15:17:09 GMT
last-modified: Wed, 27 Nov 2024 16:16:52 GMT
etag: "b36b-674745f4-984df39029c28600;br"
content-encoding: br
platform: hostinger
panel: hpanel
content-security-policy: upgrade-insecure-requests
x-turbo-charged-by: LiteSpeed
server: hcdn
alt-svc: h3=":443"; ma=86400
x-hcdn-request-id: 1465c954146888588d1844c4b3111057-fast-edge4
x-hcdn-cache-status: MISS
x-hcdn-upstream-rt: 0.244
accept-ranges: bytes
X-Firefox-Spdy: h2

GET notarizen.com/wp-content/plugins/booking/css/calendar.css?ver=10.8

89.116.109.90

200 OK

6.6 kB

URL GET HTTP/2
notarizen.com/wp-content/plugins/booking/css/calendar.css?ver=10.8
IP
89.116.109.90:443
ASN
#0

Requested by
https://notarizen.com/
Certificate
IssuerLet's Encrypt
Subjectnotarizen.com
FingerprintD9:A9:D1:EE:07:A7:4C:83:7C:27:3B:5A:8E:9A:B8:73:90:8F:24:5C
ValiditySun, 27 Oct 2024 17:03:44 GMT - Sat, 25 Jan 2025 17:03:43 GMT

File type
ASCII text
Size
6.6 kB (6617 bytes)
Hash
28abc04411f8a0e0db49d5d75fe093aa
a39d25f10320f862f0e119312d81c84b7770f1d0
4b78525df8142c9fdd5fcd9c6396a3c2b0bc67c9c9a1ee004f0af19bd979b9b3

Detections

Analyzer	Verdict	Alert
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /wp-content/plugins/booking/css/calendar.css?ver=10.8 HTTP/1.1
Host: notarizen.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://notarizen.com/
Cookie: hcdn=AQEAOKVlxXYfqLwcCpmKG8Hhm6o7dqxpeLQKcQQV0ekdYUD0ZlRnAAAAAADOAABgWAvhqrTt-yJjnVXKXcP2AAAAXHRE5ASgIjOGK8F26bAyvg
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/2 200 OK
date: Sat, 07 Dec 2024 15:17:09 GMT
content-type: text/css
content-length: 6617
cache-control: public, max-age=2592000
expires: Mon, 06 Jan 2025 15:17:09 GMT
last-modified: Wed, 27 Nov 2024 16:16:52 GMT
etag: "90bd-674745f4-f595fb8845887d78;br"
content-encoding: br
platform: hostinger
panel: hpanel
content-security-policy: upgrade-insecure-requests
x-turbo-charged-by: LiteSpeed
server: hcdn
alt-svc: h3=":443"; ma=86400
x-hcdn-request-id: 5842156116f174714ed6ec23d5d42201-fast-edge4
x-hcdn-cache-status: MISS
x-hcdn-upstream-rt: 0.245
accept-ranges: bytes
X-Firefox-Spdy: h2

GET notarizen.com/wp-content/uploads/2024/10/computer_3067260.png

89.116.109.90

200 OK

6.1 kB

URL GET HTTP/2
notarizen.com/wp-content/uploads/2024/10/computer_3067260.png
IP
89.116.109.90:443
ASN
#0

Requested by
https://notarizen.com/
Certificate
IssuerLet's Encrypt
Subjectnotarizen.com
FingerprintD9:A9:D1:EE:07:A7:4C:83:7C:27:3B:5A:8E:9A:B8:73:90:8F:24:5C
ValiditySun, 27 Oct 2024 17:03:44 GMT - Sat, 25 Jan 2025 17:03:43 GMT

File type
RIFF (little-endian) data, Web/P image
Size
6.1 kB (6136 bytes)
Hash
6bffbf01a70a061bcb1c6026a412bc85
1e0f059e3456aab8d8c5f5526978dc6538e47513
9eab77cad517e7760c0b1f95b54dc64b01953051f60a27bb6544748b79e9c1b5

Detections

Analyzer	Verdict	Alert
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /wp-content/uploads/2024/10/computer_3067260.png HTTP/1.1
Host: notarizen.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://notarizen.com/
Cookie: hcdn=AQEAOKVlxXYfqLwcCpmKG8Hhm6o7dqxpeLQKcQQV0ekdYUD0ZlRnAAAAAADOAABgWAvhqrTt-yJjnVXKXcP2AAAAXHRE5ASgIjOGK8F26bAyvg
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/2 200 OK
date: Sat, 07 Dec 2024 15:17:09 GMT
content-type: image/webp
content-length: 6136
cache-control: public, max-age=31536000
x-hcdn-image-optimizer: f:webp q:85 w:1600
server: hcdn
alt-svc: h3=":443"; ma=86400
x-hcdn-request-id: 4e6244142c7f3245a81dc27dcb7b933e-fast-edge4
x-hcdn-cache-status: MISS
x-hcdn-upstream-rt: 0.239
accept-ranges: bytes
X-Firefox-Spdy: h2

GET notarizen.com/wp-content/themes/gutenify-business-hub/assets/images/icon-location.png

89.116.109.90

200 OK

428 B

URL GET HTTP/2
notarizen.com/wp-content/themes/gutenify-business-hub/assets/images/icon-location.png
IP
89.116.109.90:443
ASN
#0

Requested by
https://notarizen.com/
Certificate
IssuerLet's Encrypt
Subjectnotarizen.com
FingerprintD9:A9:D1:EE:07:A7:4C:83:7C:27:3B:5A:8E:9A:B8:73:90:8F:24:5C
ValiditySun, 27 Oct 2024 17:03:44 GMT - Sat, 25 Jan 2025 17:03:43 GMT

File type
RIFF (little-endian) data, Web/P image
Size
428 B (428 bytes)
Hash
b450435f31b5e6209ea1124c530ffc33
8a29f02cbe99aa106dbaaa42e282d59f645cdd74
0467add2dca2a92f67b5fe43970b370d2918eea03b4a93189dd5cf719dbadcb8

Detections

Analyzer	Verdict	Alert
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /wp-content/themes/gutenify-business-hub/assets/images/icon-location.png HTTP/1.1
Host: notarizen.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://notarizen.com/
Cookie: hcdn=AQEAOKVlxXYfqLwcCpmKG8Hhm6o7dqxpeLQKcQQV0ekdYUD0ZlRnAAAAAADOAABgWAvhqrTt-yJjnVXKXcP2AAAAXHRE5ASgIjOGK8F26bAyvg
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/2 200 OK
date: Sat, 07 Dec 2024 15:17:09 GMT
content-type: image/webp
content-length: 428
cache-control: public, max-age=31536000
x-hcdn-image-optimizer: f:webp q:85 w:1600
server: hcdn
alt-svc: h3=":443"; ma=86400
x-hcdn-request-id: 2e912003f8f1f2bb65708b54788bce2c-fast-edge4
x-hcdn-cache-status: MISS
x-hcdn-upstream-rt: 0.253
accept-ranges: bytes
X-Firefox-Spdy: h2

GET notarizen.com/wp-content/plugins/booking/css/client.css?ver=10.8

89.116.109.90

200 OK

9.9 kB

URL GET HTTP/2
notarizen.com/wp-content/plugins/booking/css/client.css?ver=10.8
IP
89.116.109.90:443
ASN
#0

Requested by
https://notarizen.com/
Certificate
IssuerLet's Encrypt
Subjectnotarizen.com
FingerprintD9:A9:D1:EE:07:A7:4C:83:7C:27:3B:5A:8E:9A:B8:73:90:8F:24:5C
ValiditySun, 27 Oct 2024 17:03:44 GMT - Sat, 25 Jan 2025 17:03:43 GMT

File type
ASCII text
Size
9.9 kB (9942 bytes)
Hash
bb4b479653d176e3ef7bee8e1ae1c803
6341c456020f13b0ae385d46ab1c82cf1936ed32
191364f30bf910805ec3ff7365f364496ca8315a5a1032e91e67d3e27292473d

Detections

Analyzer	Verdict	Alert
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /wp-content/plugins/booking/css/client.css?ver=10.8 HTTP/1.1
Host: notarizen.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://notarizen.com/
Cookie: hcdn=AQEAOKVlxXYfqLwcCpmKG8Hhm6o7dqxpeLQKcQQV0ekdYUD0ZlRnAAAAAADOAABgWAvhqrTt-yJjnVXKXcP2AAAAXHRE5ASgIjOGK8F26bAyvg
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/2 200 OK
date: Sat, 07 Dec 2024 15:17:09 GMT
content-type: text/css
content-length: 9942
cache-control: public, max-age=2592000
expires: Mon, 06 Jan 2025 15:17:09 GMT
last-modified: Wed, 27 Nov 2024 16:16:52 GMT
etag: "10330-674745f4-16806ba7e62b8f0;br"
content-encoding: br
platform: hostinger
panel: hpanel
content-security-policy: upgrade-insecure-requests
x-turbo-charged-by: LiteSpeed
server: hcdn
alt-svc: h3=":443"; ma=86400
x-hcdn-request-id: 688d0beeb5f4ae9da084b455249e403b-fast-edge4
x-hcdn-cache-status: MISS
x-hcdn-upstream-rt: 0.256
accept-ranges: bytes
X-Firefox-Spdy: h2

GET notarizen.com/wp-content/plugins/booking/js/wpbc_times.js?ver=10.8

89.116.109.90

200 OK

5.5 kB

URL GET HTTP/2
notarizen.com/wp-content/plugins/booking/js/wpbc_times.js?ver=10.8
IP
89.116.109.90:443
ASN
#0

Requested by
https://notarizen.com/
Certificate
IssuerLet's Encrypt
Subjectnotarizen.com
FingerprintD9:A9:D1:EE:07:A7:4C:83:7C:27:3B:5A:8E:9A:B8:73:90:8F:24:5C
ValiditySun, 27 Oct 2024 17:03:44 GMT - Sat, 25 Jan 2025 17:03:43 GMT

File type
ASCII text, with CRLF line terminators
Size
5.5 kB (5480 bytes)
Hash
823cf651a4c344747479450534723188
a02b64148c81565e5a19160af5880519aace0feb
df2587bcdcd9cc8a7df9bd366c17b7e1aa8af30c37878f6f47dc3ba96db1821c

Detections

Analyzer	Verdict	Alert
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /wp-content/plugins/booking/js/wpbc_times.js?ver=10.8 HTTP/1.1
Host: notarizen.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://notarizen.com/
Cookie: hcdn=AQEAOKVlxXYfqLwcCpmKG8Hhm6o7dqxpeLQKcQQV0ekdYUD0ZlRnAAAAAADOAABgWAvhqrTt-yJjnVXKXcP2AAAAXHRE5ASgIjOGK8F26bAyvg
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/2 200 OK
date: Sat, 07 Dec 2024 15:17:09 GMT
content-type: application/x-javascript
content-length: 5480
cache-control: public, max-age=604800
expires: Sat, 14 Dec 2024 15:17:09 GMT
last-modified: Wed, 27 Nov 2024 16:16:52 GMT
etag: "60eb-674745f4-8383d1a4ed7a90f4;br"
content-encoding: br
platform: hostinger
panel: hpanel
content-security-policy: upgrade-insecure-requests
x-turbo-charged-by: LiteSpeed
server: hcdn
alt-svc: h3=":443"; ma=86400
x-hcdn-request-id: 4a1b6f1fa460cc9eaff8fcef7c3b4bd3-fast-edge4
x-hcdn-cache-status: MISS
x-hcdn-upstream-rt: 0.261
accept-ranges: bytes
X-Firefox-Spdy: h2

GET notarizen.com/wp-content/uploads/2024/10/car-rear_11747044.png

89.116.109.90

200 OK

3.9 kB

URL GET HTTP/2
notarizen.com/wp-content/uploads/2024/10/car-rear_11747044.png
IP
89.116.109.90:443
ASN
#0

Requested by
https://notarizen.com/
Certificate
IssuerLet's Encrypt
Subjectnotarizen.com
FingerprintD9:A9:D1:EE:07:A7:4C:83:7C:27:3B:5A:8E:9A:B8:73:90:8F:24:5C
ValiditySun, 27 Oct 2024 17:03:44 GMT - Sat, 25 Jan 2025 17:03:43 GMT

File type
RIFF (little-endian) data, Web/P image
Size
3.9 kB (3852 bytes)
Hash
e1014550faf2bd95e41fe77a7409b95c
53d527cf3fcface2ebb9b51a16807b7ebc4aeb31
96203fb4ac773b47459e295c2caa38cd71f1c42e064a1f5ca537ecb607400250

Detections

Analyzer	Verdict	Alert
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /wp-content/uploads/2024/10/car-rear_11747044.png HTTP/1.1
Host: notarizen.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://notarizen.com/
Cookie: hcdn=AQEAOKVlxXYfqLwcCpmKG8Hhm6o7dqxpeLQKcQQV0ekdYUD0ZlRnAAAAAADOAABgWAvhqrTt-yJjnVXKXcP2AAAAXHRE5ASgIjOGK8F26bAyvg
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/2 200 OK
date: Sat, 07 Dec 2024 15:17:09 GMT
content-type: image/webp
content-length: 3852
cache-control: public, max-age=31536000
x-hcdn-image-optimizer: f:webp q:85 w:1600
server: hcdn
alt-svc: h3=":443"; ma=86400
x-hcdn-request-id: 1532d2e434479bfe7f472177a94b8290-fast-edge4
x-hcdn-cache-status: MISS
x-hcdn-upstream-rt: 0.249
accept-ranges: bytes
X-Firefox-Spdy: h2

GET notarizen.com/wp-content/themes/gutenify-business-hub/assets/images/icon-envelope.png

89.116.109.90

200 OK

410 B

URL GET HTTP/2
notarizen.com/wp-content/themes/gutenify-business-hub/assets/images/icon-envelope.png
IP
89.116.109.90:443
ASN
#0

Requested by
https://notarizen.com/
Certificate
IssuerLet's Encrypt
Subjectnotarizen.com
FingerprintD9:A9:D1:EE:07:A7:4C:83:7C:27:3B:5A:8E:9A:B8:73:90:8F:24:5C
ValiditySun, 27 Oct 2024 17:03:44 GMT - Sat, 25 Jan 2025 17:03:43 GMT

File type
RIFF (little-endian) data, Web/P image
Size
410 B (410 bytes)
Hash
ee72f65aeda316c5b8895c8e98950f18
39ae83c8584885833322f9346cc3e7b6dd158288
86a5d16b528ad28023c269e18721ba8a917f90c732fb4f4b3ba1c73732743a91

Detections

Analyzer	Verdict	Alert
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /wp-content/themes/gutenify-business-hub/assets/images/icon-envelope.png HTTP/1.1
Host: notarizen.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://notarizen.com/
Cookie: hcdn=AQEAOKVlxXYfqLwcCpmKG8Hhm6o7dqxpeLQKcQQV0ekdYUD0ZlRnAAAAAADOAABgWAvhqrTt-yJjnVXKXcP2AAAAXHRE5ASgIjOGK8F26bAyvg
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/2 200 OK
date: Sat, 07 Dec 2024 15:17:09 GMT
content-type: image/webp
content-length: 410
cache-control: public, max-age=31536000
x-hcdn-image-optimizer: f:webp q:85 w:1600
server: hcdn
alt-svc: h3=":443"; ma=86400
x-hcdn-request-id: 3e387a6ae8b534c06a5cfec71df7692c-fast-edge4
x-hcdn-cache-status: MISS
x-hcdn-upstream-rt: 0.265
accept-ranges: bytes
X-Firefox-Spdy: h2

GET notarizen.com/wp-content/themes/gutenify-business-hub/assets/images/icon-mail.png

89.116.109.90

200 OK

410 B

URL GET HTTP/2
notarizen.com/wp-content/themes/gutenify-business-hub/assets/images/icon-mail.png
IP
89.116.109.90:443
ASN
#0

Requested by
https://notarizen.com/
Certificate
IssuerLet's Encrypt
Subjectnotarizen.com
FingerprintD9:A9:D1:EE:07:A7:4C:83:7C:27:3B:5A:8E:9A:B8:73:90:8F:24:5C
ValiditySun, 27 Oct 2024 17:03:44 GMT - Sat, 25 Jan 2025 17:03:43 GMT

File type
RIFF (little-endian) data, Web/P image
Size
410 B (410 bytes)
Hash
07e30483c955322e201fef7494c1be45
385ed9b9afb2139c287cf37d8b5295381701a10c
5c199230b45431fc0829ed416942bc4871854a90e2ed10f4275fab7435a86103

Detections

Analyzer	Verdict	Alert
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /wp-content/themes/gutenify-business-hub/assets/images/icon-mail.png HTTP/1.1
Host: notarizen.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://notarizen.com/
Cookie: hcdn=AQEAOKVlxXYfqLwcCpmKG8Hhm6o7dqxpeLQKcQQV0ekdYUD0ZlRnAAAAAADOAABgWAvhqrTt-yJjnVXKXcP2AAAAXHRE5ASgIjOGK8F26bAyvg
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/2 200 OK
date: Sat, 07 Dec 2024 15:17:09 GMT
content-type: image/webp
content-length: 410
cache-control: public, max-age=31536000
x-hcdn-image-optimizer: f:webp q:85 w:1600
server: hcdn
alt-svc: h3=":443"; ma=86400
x-hcdn-request-id: 4c90407493c3c4bc2c8949170345a39d-fast-edge4
x-hcdn-cache-status: MISS
x-hcdn-upstream-rt: 0.230
accept-ranges: bytes
X-Firefox-Spdy: h2

GET notarizen.com/wp-content/themes/gutenify-business-hub/assets/images/icon08-1.png

89.116.109.90

200 OK

1.5 kB

URL GET HTTP/2
notarizen.com/wp-content/themes/gutenify-business-hub/assets/images/icon08-1.png
IP
89.116.109.90:443
ASN
#0

Requested by
https://notarizen.com/
Certificate
IssuerLet's Encrypt
Subjectnotarizen.com
FingerprintD9:A9:D1:EE:07:A7:4C:83:7C:27:3B:5A:8E:9A:B8:73:90:8F:24:5C
ValiditySun, 27 Oct 2024 17:03:44 GMT - Sat, 25 Jan 2025 17:03:43 GMT

File type
RIFF (little-endian) data, Web/P image
Size
1.5 kB (1462 bytes)
Hash
a08d032bf300a0e7d95ea2f6ec33d4ed
573494e3cbb6a5298a6c8922468378a402bc53a3
e012001e5c85979ad713fc512519f3eba90dd5aa4dc1cc68fca1e75a8fda8f25

Detections

Analyzer	Verdict	Alert
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /wp-content/themes/gutenify-business-hub/assets/images/icon08-1.png HTTP/1.1
Host: notarizen.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://notarizen.com/
Cookie: hcdn=AQEAOKVlxXYfqLwcCpmKG8Hhm6o7dqxpeLQKcQQV0ekdYUD0ZlRnAAAAAADOAABgWAvhqrTt-yJjnVXKXcP2AAAAXHRE5ASgIjOGK8F26bAyvg
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/2 200 OK
date: Sat, 07 Dec 2024 15:17:09 GMT
content-type: image/webp
content-length: 1462
cache-control: public, max-age=31536000
x-hcdn-image-optimizer: f:webp q:85 w:1600
server: hcdn
alt-svc: h3=":443"; ma=86400
x-hcdn-request-id: 5f4b1e5e45e8c7f3d96beaa7c81aa2df-fast-edge4
x-hcdn-cache-status: MISS
x-hcdn-upstream-rt: 0.241
accept-ranges: bytes
X-Firefox-Spdy: h2

GET notarizen.com/wp-includes/js/jquery/jquery.min.js?ver=3.7.1

89.116.109.90

200 OK

30 kB

URL GET HTTP/2
notarizen.com/wp-includes/js/jquery/jquery.min.js?ver=3.7.1
IP
89.116.109.90:443
ASN
#0

Requested by
https://notarizen.com/
Certificate
IssuerLet's Encrypt
Subjectnotarizen.com
FingerprintD9:A9:D1:EE:07:A7:4C:83:7C:27:3B:5A:8E:9A:B8:73:90:8F:24:5C
ValiditySun, 27 Oct 2024 17:03:44 GMT - Sat, 25 Jan 2025 17:03:43 GMT

File type
JavaScript source, ASCII text, with very long lines (65447)
Size
30 kB (29531 bytes)
Hash
826eb77e86b02ab7724fe3d0141ff87c
79cd3587d565afe290076a8d36c31c305a573d18
cb6f2d32c49d1c2b25e9ffc9aaafa3f83075346c01bcd4ae6eb187392a4292cf

Detections

Analyzer	Verdict	Alert
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /wp-includes/js/jquery/jquery.min.js?ver=3.7.1 HTTP/1.1
Host: notarizen.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://notarizen.com/
Cookie: hcdn=AQEAOKVlxXYfqLwcCpmKG8Hhm6o7dqxpeLQKcQQV0ekdYUD0ZlRnAAAAAADOAABgWAvhqrTt-yJjnVXKXcP2AAAAXHRE5ASgIjOGK8F26bAyvg
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/2 200 OK
date: Sat, 07 Dec 2024 15:17:09 GMT
content-type: application/x-javascript
content-length: 29531
cache-control: public, max-age=604800
expires: Sat, 14 Dec 2024 15:17:09 GMT
last-modified: Sun, 27 Oct 2024 18:00:58 GMT
etag: "15601-671e7fda-cc97b86921d29356;br"
content-encoding: br
platform: hostinger
panel: hpanel
content-security-policy: upgrade-insecure-requests
x-turbo-charged-by: LiteSpeed
server: hcdn
alt-svc: h3=":443"; ma=86400
x-hcdn-request-id: 5befa1bad9fcbd435c515a46fab7b783-fast-edge4
x-hcdn-cache-status: MISS
x-hcdn-upstream-rt: 0.212
accept-ranges: bytes
X-Firefox-Spdy: h2

GET notarizen.com/wp-content/uploads/2024/10/presentation_6320065.png

89.116.109.90

200 OK

6.7 kB

URL GET HTTP/2
notarizen.com/wp-content/uploads/2024/10/presentation_6320065.png
IP
89.116.109.90:443
ASN
#0

Requested by
https://notarizen.com/
Certificate
IssuerLet's Encrypt
Subjectnotarizen.com
FingerprintD9:A9:D1:EE:07:A7:4C:83:7C:27:3B:5A:8E:9A:B8:73:90:8F:24:5C
ValiditySun, 27 Oct 2024 17:03:44 GMT - Sat, 25 Jan 2025 17:03:43 GMT

File type
RIFF (little-endian) data, Web/P image
Size
6.7 kB (6722 bytes)
Hash
c470eb17ba14786e3903b2af13c3dc2d
ff8fc1dca6e8257137c3253e9270928e132c2e2e
dfa4aad02be6cbb58711687c16a95afd41aae1aa34568b41e3e3509e7a0badab

Detections

Analyzer	Verdict	Alert
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /wp-content/uploads/2024/10/presentation_6320065.png HTTP/1.1
Host: notarizen.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://notarizen.com/
Cookie: hcdn=AQEAOKVlxXYfqLwcCpmKG8Hhm6o7dqxpeLQKcQQV0ekdYUD0ZlRnAAAAAADOAABgWAvhqrTt-yJjnVXKXcP2AAAAXHRE5ASgIjOGK8F26bAyvg
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/2 200 OK
date: Sat, 07 Dec 2024 15:17:09 GMT
content-type: image/webp
content-length: 6722
cache-control: public, max-age=31536000
x-hcdn-image-optimizer: f:webp q:85 w:1600
server: hcdn
alt-svc: h3=":443"; ma=86400
x-hcdn-request-id: 644949708b78195352f10762c2cd1f47-fast-edge4
x-hcdn-cache-status: MISS
x-hcdn-upstream-rt: 0.251
accept-ranges: bytes
X-Firefox-Spdy: h2

GET notarizen.com/wp-includes/js/underscore.min.js?ver=1.13.4

89.116.109.90

200 OK

7.2 kB

URL GET HTTP/2
notarizen.com/wp-includes/js/underscore.min.js?ver=1.13.4
IP
89.116.109.90:443
ASN
#0

Requested by
https://notarizen.com/
Certificate
IssuerLet's Encrypt
Subjectnotarizen.com
FingerprintD9:A9:D1:EE:07:A7:4C:83:7C:27:3B:5A:8E:9A:B8:73:90:8F:24:5C
ValiditySun, 27 Oct 2024 17:03:44 GMT - Sat, 25 Jan 2025 17:03:43 GMT

File type
JavaScript source, ASCII text, with very long lines (18798)
Size
7.2 kB (7150 bytes)
Hash
f88d5720bb454ed5d204cbdb56901f6b
f1952292fde4b15936e9aac16b2b9896684db95b
726b820e44f6ab90ad991d30a4bf26d3a5d71493cbcd1fb1efd0d14e89b9df2a

Detections

Analyzer	Verdict	Alert
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /wp-includes/js/underscore.min.js?ver=1.13.4 HTTP/1.1
Host: notarizen.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://notarizen.com/
Cookie: hcdn=AQEAOKVlxXYfqLwcCpmKG8Hhm6o7dqxpeLQKcQQV0ekdYUD0ZlRnAAAAAADOAABgWAvhqrTt-yJjnVXKXcP2AAAAXHRE5ASgIjOGK8F26bAyvg
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/2 200 OK
date: Sat, 07 Dec 2024 15:17:09 GMT
content-type: application/x-javascript
content-length: 7150
cache-control: public, max-age=604800
expires: Sat, 14 Dec 2024 15:17:09 GMT
last-modified: Sun, 27 Oct 2024 18:00:58 GMT
etag: "4991-671e7fda-ac33e67da9919a18;br"
content-encoding: br
platform: hostinger
panel: hpanel
content-security-policy: upgrade-insecure-requests
x-turbo-charged-by: LiteSpeed
server: hcdn
alt-svc: h3=":443"; ma=86400
x-hcdn-request-id: 7ad7f8d991946c99630988fa9772673e-fast-edge4
x-hcdn-cache-status: MISS
x-hcdn-upstream-rt: 0.241
accept-ranges: bytes
X-Firefox-Spdy: h2

GET notarizen.com/wp-content/themes/gutenify-business-hub/assets/images/icon-time.png

89.116.109.90

200 OK

478 B

URL GET HTTP/2
notarizen.com/wp-content/themes/gutenify-business-hub/assets/images/icon-time.png
IP
89.116.109.90:443
ASN
#0

Requested by
https://notarizen.com/
Certificate
IssuerLet's Encrypt
Subjectnotarizen.com
FingerprintD9:A9:D1:EE:07:A7:4C:83:7C:27:3B:5A:8E:9A:B8:73:90:8F:24:5C
ValiditySun, 27 Oct 2024 17:03:44 GMT - Sat, 25 Jan 2025 17:03:43 GMT

File type
RIFF (little-endian) data, Web/P image
Size
478 B (478 bytes)
Hash
b1f086f247ee0fe15d410ac1af83634d
0075fd92c3530f590c8560dca471c0ac50084b44
71c682c436c91c1e552997e990bd2ff790d3d2d243f6b1369a91e1ec5bec5fc2

Detections

Analyzer	Verdict	Alert
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /wp-content/themes/gutenify-business-hub/assets/images/icon-time.png HTTP/1.1
Host: notarizen.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://notarizen.com/
Cookie: hcdn=AQEAOKVlxXYfqLwcCpmKG8Hhm6o7dqxpeLQKcQQV0ekdYUD0ZlRnAAAAAADOAABgWAvhqrTt-yJjnVXKXcP2AAAAXHRE5ASgIjOGK8F26bAyvg
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/2 200 OK
date: Sat, 07 Dec 2024 15:17:09 GMT
content-type: image/webp
content-length: 478
cache-control: public, max-age=31536000
x-hcdn-image-optimizer: f:webp q:85 w:1600
server: hcdn
alt-svc: h3=":443"; ma=86400
x-hcdn-request-id: 0357c2cdc75fdf65cc727a0c7dc7612a-fast-edge4
x-hcdn-cache-status: MISS
x-hcdn-upstream-rt: 0.244
accept-ranges: bytes
X-Firefox-Spdy: h2

GET notarizen.com/wp-content/plugins/booking/js/datepick/jquery.datepick.wpbc.9.0.js?ver=10.8

89.116.109.90

200 OK

23 kB

URL GET HTTP/2
notarizen.com/wp-content/plugins/booking/js/datepick/jquery.datepick.wpbc.9.0.js?ver=10.8
IP
89.116.109.90:443
ASN
#0

Requested by
https://notarizen.com/
Certificate
IssuerLet's Encrypt
Subjectnotarizen.com
FingerprintD9:A9:D1:EE:07:A7:4C:83:7C:27:3B:5A:8E:9A:B8:73:90:8F:24:5C
ValiditySun, 27 Oct 2024 17:03:44 GMT - Sat, 25 Jan 2025 17:03:43 GMT

File type
JavaScript source, ASCII text, with CRLF line terminators
Size
23 kB (23011 bytes)
Hash
91c2e7481e8b973056c1858b3000a28a
f9badab5fa5a52cd97b9eaf8fc3361c8129305e4
53db4ac2da4dd5613888a84bc4058790c3a64bf659b941efad47b6a2de2ac3ec

Detections

Analyzer	Verdict	Alert
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /wp-content/plugins/booking/js/datepick/jquery.datepick.wpbc.9.0.js?ver=10.8 HTTP/1.1
Host: notarizen.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://notarizen.com/
Cookie: hcdn=AQEAOKVlxXYfqLwcCpmKG8Hhm6o7dqxpeLQKcQQV0ekdYUD0ZlRnAAAAAADOAABgWAvhqrTt-yJjnVXKXcP2AAAAXHRE5ASgIjOGK8F26bAyvg
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/2 200 OK
date: Sat, 07 Dec 2024 15:17:09 GMT
content-type: application/x-javascript
content-length: 23011
cache-control: public, max-age=604800
expires: Sat, 14 Dec 2024 15:17:09 GMT
last-modified: Wed, 27 Nov 2024 16:16:52 GMT
etag: "19713-674745f4-7e963174d3685a9f;br"
content-encoding: br
platform: hostinger
panel: hpanel
content-security-policy: upgrade-insecure-requests
x-turbo-charged-by: LiteSpeed
server: hcdn
alt-svc: h3=":443"; ma=86400
x-hcdn-request-id: f9622fcdfdb0d4711c5f66d4a791a5fc-fast-edge4
x-hcdn-cache-status: MISS
x-hcdn-upstream-rt: 0.219
accept-ranges: bytes
X-Firefox-Spdy: h2

GET notarizen.com/wp-includes/js/wp-util.min.js?ver=6.6.2

89.116.109.90

200 OK

690 B

URL GET HTTP/2
notarizen.com/wp-includes/js/wp-util.min.js?ver=6.6.2
IP
89.116.109.90:443
ASN
#0

Requested by
https://notarizen.com/
Certificate
IssuerLet's Encrypt
Subjectnotarizen.com
FingerprintD9:A9:D1:EE:07:A7:4C:83:7C:27:3B:5A:8E:9A:B8:73:90:8F:24:5C
ValiditySun, 27 Oct 2024 17:03:44 GMT - Sat, 25 Jan 2025 17:03:43 GMT

File type
JavaScript source, ASCII text, with very long lines (1391)
Size
690 B (690 bytes)
Hash
19d386c9004e54941c1cc61d357efa5d
0a77594006c8d86fdcc0adbc2b9aecaef3869586
3bc6467a95cec8fa516c6f5f69e1301e37e16f9bb1046fe7756729249f901b95

Detections

Analyzer	Verdict	Alert
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /wp-includes/js/wp-util.min.js?ver=6.6.2 HTTP/1.1
Host: notarizen.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://notarizen.com/
Cookie: hcdn=AQEAOKVlxXYfqLwcCpmKG8Hhm6o7dqxpeLQKcQQV0ekdYUD0ZlRnAAAAAADOAABgWAvhqrTt-yJjnVXKXcP2AAAAXHRE5ASgIjOGK8F26bAyvg
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/2 200 OK
date: Sat, 07 Dec 2024 15:17:09 GMT
content-type: application/x-javascript
content-length: 690
cache-control: public, max-age=604800
expires: Sat, 14 Dec 2024 15:17:09 GMT
last-modified: Sun, 27 Oct 2024 18:00:58 GMT
etag: "592-671e7fda-c423268d9be03c6a;br"
content-encoding: br
platform: hostinger
panel: hpanel
content-security-policy: upgrade-insecure-requests
x-turbo-charged-by: LiteSpeed
server: hcdn
alt-svc: h3=":443"; ma=86400
x-hcdn-request-id: a9e255660b9cd811f662c94e371edc2e-fast-edge4
x-hcdn-cache-status: MISS
x-hcdn-upstream-rt: 0.241
accept-ranges: bytes
X-Firefox-Spdy: h2

GET notarizen.com/wp-content/uploads/2024/10/document_888034.png

89.116.109.90

200 OK

3.5 kB

URL GET HTTP/2
notarizen.com/wp-content/uploads/2024/10/document_888034.png
IP
89.116.109.90:443
ASN
#0

Requested by
https://notarizen.com/
Certificate
IssuerLet's Encrypt
Subjectnotarizen.com
FingerprintD9:A9:D1:EE:07:A7:4C:83:7C:27:3B:5A:8E:9A:B8:73:90:8F:24:5C
ValiditySun, 27 Oct 2024 17:03:44 GMT - Sat, 25 Jan 2025 17:03:43 GMT

File type
RIFF (little-endian) data, Web/P image
Size
3.5 kB (3496 bytes)
Hash
7f6a5eed6cb95a5ae77bdf783403f380
93c571c4bda3dcd41afc0de7c236cef24de57eae
9412352a1b5d02f9baecaa1e39f763d2c38729d02f0eb0402b508360e37da63c

Detections

Analyzer	Verdict	Alert
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /wp-content/uploads/2024/10/document_888034.png HTTP/1.1
Host: notarizen.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://notarizen.com/
Cookie: hcdn=AQEAOKVlxXYfqLwcCpmKG8Hhm6o7dqxpeLQKcQQV0ekdYUD0ZlRnAAAAAADOAABgWAvhqrTt-yJjnVXKXcP2AAAAXHRE5ASgIjOGK8F26bAyvg
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/2 200 OK
date: Sat, 07 Dec 2024 15:17:09 GMT
content-type: image/webp
content-length: 3496
cache-control: public, max-age=31536000
x-hcdn-image-optimizer: f:webp q:85 w:1600
server: hcdn
alt-svc: h3=":443"; ma=86400
x-hcdn-request-id: 0b74cd96dd264e1c2b534ccbc03942b3-fast-edge4
x-hcdn-cache-status: MISS
x-hcdn-upstream-rt: 0.258
accept-ranges: bytes
X-Firefox-Spdy: h2

GET notarizen.com/wp-content/plugins/booking/assets/libs/bootstrap-css/css/bootstrap.css?ver=10.8

89.116.109.90

200 OK

18 kB

URL GET HTTP/2
notarizen.com/wp-content/plugins/booking/assets/libs/bootstrap-css/css/bootstrap.css?ver=10.8
IP
89.116.109.90:443
ASN
#0

Requested by
https://notarizen.com/
Certificate
IssuerLet's Encrypt
Subjectnotarizen.com
FingerprintD9:A9:D1:EE:07:A7:4C:83:7C:27:3B:5A:8E:9A:B8:73:90:8F:24:5C
ValiditySun, 27 Oct 2024 17:03:44 GMT - Sat, 25 Jan 2025 17:03:43 GMT

File type
ASCII text, with very long lines (1068), with CRLF line terminators
Size
18 kB (17969 bytes)
Hash
ffa39291a1f0cbffa406d8d69a7b3cb0
f676f655a5a080fc2d7054cdcc7e92da8b7d7d50
83c90780b4cf622301e13732bb1abecc8aa0c14637ab2071230ee18728250077

Detections

Analyzer	Verdict	Alert
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /wp-content/plugins/booking/assets/libs/bootstrap-css/css/bootstrap.css?ver=10.8 HTTP/1.1
Host: notarizen.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://notarizen.com/
Cookie: hcdn=AQEAOKVlxXYfqLwcCpmKG8Hhm6o7dqxpeLQKcQQV0ekdYUD0ZlRnAAAAAADOAABgWAvhqrTt-yJjnVXKXcP2AAAAXHRE5ASgIjOGK8F26bAyvg
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/2 200 OK
date: Sat, 07 Dec 2024 15:17:09 GMT
content-type: text/css
content-length: 17969
cache-control: public, max-age=2592000
expires: Mon, 06 Jan 2025 15:17:09 GMT
last-modified: Wed, 27 Nov 2024 16:16:52 GMT
etag: "281f7-674745f4-b30bf5a830b185ba;br"
content-encoding: br
platform: hostinger
panel: hpanel
content-security-policy: upgrade-insecure-requests
x-turbo-charged-by: LiteSpeed
server: hcdn
alt-svc: h3=":443"; ma=86400
x-hcdn-request-id: 7de7331c3515c2f2fe3231e93ea55c5d-fast-edge4
x-hcdn-cache-status: MISS
x-hcdn-upstream-rt: 0.242
accept-ranges: bytes
X-Firefox-Spdy: h2

GET notarizen.com/wp-content/uploads/2024/10/clipboard_15887585.png

89.116.109.90

200 OK

6.1 kB

URL GET HTTP/2
notarizen.com/wp-content/uploads/2024/10/clipboard_15887585.png
IP
89.116.109.90:443
ASN
#0

Requested by
https://notarizen.com/
Certificate
IssuerLet's Encrypt
Subjectnotarizen.com
FingerprintD9:A9:D1:EE:07:A7:4C:83:7C:27:3B:5A:8E:9A:B8:73:90:8F:24:5C
ValiditySun, 27 Oct 2024 17:03:44 GMT - Sat, 25 Jan 2025 17:03:43 GMT

File type
RIFF (little-endian) data, Web/P image
Size
6.1 kB (6072 bytes)
Hash
1cadc7c1cf18a491e4380417e4fbb60f
9b74fd4489e588dc538feb648b35c3db61b6d4ac
b0cb2a85f472bb78db5b02bc684b31cc017236a8775223c82754a4589698bcd0

Detections

Analyzer	Verdict	Alert
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /wp-content/uploads/2024/10/clipboard_15887585.png HTTP/1.1
Host: notarizen.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://notarizen.com/
Cookie: hcdn=AQEAOKVlxXYfqLwcCpmKG8Hhm6o7dqxpeLQKcQQV0ekdYUD0ZlRnAAAAAADOAABgWAvhqrTt-yJjnVXKXcP2AAAAXHRE5ASgIjOGK8F26bAyvg
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/2 200 OK
date: Sat, 07 Dec 2024 15:17:09 GMT
content-type: image/webp
content-length: 6072
cache-control: public, max-age=31536000
x-hcdn-image-optimizer: f:webp q:85 w:1600
server: hcdn
alt-svc: h3=":443"; ma=86400
x-hcdn-request-id: a5bcf04957da2a7cbcdff86daea713f1-fast-edge4
x-hcdn-cache-status: MISS
x-hcdn-upstream-rt: 0.266
accept-ranges: bytes
X-Firefox-Spdy: h2

GET notarizen.com/wp-content/plugins/booking/includes/_capacity/_out/create_booking.js?ver=10.8

89.116.109.90

200 OK

22 kB

URL GET HTTP/2
notarizen.com/wp-content/plugins/booking/includes/_capacity/_out/create_booking.js?ver=10.8
IP
89.116.109.90:443
ASN
#0

Requested by
https://notarizen.com/
Certificate
IssuerLet's Encrypt
Subjectnotarizen.com
FingerprintD9:A9:D1:EE:07:A7:4C:83:7C:27:3B:5A:8E:9A:B8:73:90:8F:24:5C
ValiditySun, 27 Oct 2024 17:03:44 GMT - Sat, 25 Jan 2025 17:03:43 GMT

File type
JavaScript source, ASCII text, with very long lines (38563), with CRLF, LF line terminators
Size
22 kB (21553 bytes)
Hash
0bbb4e620f2a85f8d68cb8a4351fc5ab
15479ebdc1dfea7ed4a7024b6a675138978e7e3e
e5902e2fcbd5dd964116bb9cc464cd83f0d6d23d6f4a9e2f963269d411bef1fa

Detections

Analyzer	Verdict	Alert
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /wp-content/plugins/booking/includes/_capacity/_out/create_booking.js?ver=10.8 HTTP/1.1
Host: notarizen.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://notarizen.com/
Cookie: hcdn=AQEAOKVlxXYfqLwcCpmKG8Hhm6o7dqxpeLQKcQQV0ekdYUD0ZlRnAAAAAADOAABgWAvhqrTt-yJjnVXKXcP2AAAAXHRE5ASgIjOGK8F26bAyvg
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/2 200 OK
date: Sat, 07 Dec 2024 15:17:09 GMT
content-type: application/x-javascript
content-length: 21553
cache-control: public, max-age=604800
expires: Sat, 14 Dec 2024 15:17:09 GMT
last-modified: Wed, 27 Nov 2024 16:16:52 GMT
etag: "16021-674745f4-3ac4ba0d83b42f10;br"
content-encoding: br
platform: hostinger
panel: hpanel
content-security-policy: upgrade-insecure-requests
x-turbo-charged-by: LiteSpeed
server: hcdn
alt-svc: h3=":443"; ma=86400
x-hcdn-request-id: 93d6b957c79494b739baeb63f08fe3c9-fast-edge4
x-hcdn-cache-status: MISS
x-hcdn-upstream-rt: 0.235
accept-ranges: bytes
X-Firefox-Spdy: h2

GET notarizen.com/wp-content/uploads/2024/10/cropped-Blucollare-LLC-circle-logo-modified-150x150.png

89.116.109.90

200 OK

7.1 kB

URL GET HTTP/2
notarizen.com/wp-content/uploads/2024/10/cropped-Blucollare-LLC-circle-logo-modified-150x150.png
IP
89.116.109.90:443
ASN
#0

Requested by
https://notarizen.com/
Certificate
IssuerLet's Encrypt
Subjectnotarizen.com
FingerprintD9:A9:D1:EE:07:A7:4C:83:7C:27:3B:5A:8E:9A:B8:73:90:8F:24:5C
ValiditySun, 27 Oct 2024 17:03:44 GMT - Sat, 25 Jan 2025 17:03:43 GMT

File type
RIFF (little-endian) data, Web/P image
Size
7.1 kB (7148 bytes)
Hash
73bf22eb06fde1cbca3f9f9aa86c66ce
84dbe8e454a6854def85aafb48f855a70cdfd972
c086df4faecc389e2ed51c0b9af5f50bf21233e717a411fb079d26cd089fe1b0

Detections

Analyzer	Verdict	Alert
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /wp-content/uploads/2024/10/cropped-Blucollare-LLC-circle-logo-modified-150x150.png HTTP/1.1
Host: notarizen.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://notarizen.com/
Cookie: hcdn=AQEAOKVlxXYfqLwcCpmKG8Hhm6o7dqxpeLQKcQQV0ekdYUD0ZlRnAAAAAADOAABgWAvhqrTt-yJjnVXKXcP2AAAAXHRE5ASgIjOGK8F26bAyvg
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/2 200 OK
date: Sat, 07 Dec 2024 15:17:09 GMT
content-type: image/webp
content-length: 7148
cache-control: public, max-age=31536000
x-hcdn-image-optimizer: f:webp q:85 w:1600
server: hcdn
alt-svc: h3=":443"; ma=86400
x-hcdn-request-id: 65440fe409f4a012a22ecc6bb392fe2c-fast-edge4
x-hcdn-cache-status: MISS
x-hcdn-upstream-rt: 0.321
accept-ranges: bytes
X-Firefox-Spdy: h2

GET notarizen.com/wp-content/plugins/booking/assets/libs/popper/popper.js?ver=10.8

89.116.109.90

200 OK

16 kB

URL GET HTTP/2
notarizen.com/wp-content/plugins/booking/assets/libs/popper/popper.js?ver=10.8
IP
89.116.109.90:443
ASN
#0

Requested by
https://notarizen.com/
Certificate
IssuerLet's Encrypt
Subjectnotarizen.com
FingerprintD9:A9:D1:EE:07:A7:4C:83:7C:27:3B:5A:8E:9A:B8:73:90:8F:24:5C
ValiditySun, 27 Oct 2024 17:03:44 GMT - Sat, 25 Jan 2025 17:03:43 GMT

File type
JavaScript source, Unicode text, UTF-8 text, with very long lines (576)
Size
16 kB (15954 bytes)
Hash
dfb9cba519a70c2bfcfeeb4955ce3e97
f34df190f253b3af9c64537582fc37e63a867847
876ac511c1616c3489bfc74f6815cbe4fa44673d8db7faa61e3df9aa9db50662

Detections

Analyzer	Verdict	Alert
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /wp-content/plugins/booking/assets/libs/popper/popper.js?ver=10.8 HTTP/1.1
Host: notarizen.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://notarizen.com/
Cookie: hcdn=AQEAOKVlxXYfqLwcCpmKG8Hhm6o7dqxpeLQKcQQV0ekdYUD0ZlRnAAAAAADOAABgWAvhqrTt-yJjnVXKXcP2AAAAXHRE5ASgIjOGK8F26bAyvg
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/2 200 OK
date: Sat, 07 Dec 2024 15:17:09 GMT
content-type: application/x-javascript
content-length: 15954
cache-control: public, max-age=604800
expires: Sat, 14 Dec 2024 15:17:09 GMT
last-modified: Wed, 27 Nov 2024 16:16:52 GMT
etag: "11421-674745f4-39335d8c24e07db9;br"
content-encoding: br
platform: hostinger
panel: hpanel
content-security-policy: upgrade-insecure-requests
x-turbo-charged-by: LiteSpeed
server: hcdn
alt-svc: h3=":443"; ma=86400
x-hcdn-request-id: ca3ce86d0c7002135c775fc96217e265-fast-edge4
x-hcdn-cache-status: MISS
x-hcdn-upstream-rt: 0.249
accept-ranges: bytes
X-Firefox-Spdy: h2

GET notarizen.com/wp-content/plugins/booking/assets/libs/tippy.js/dist/tippy-bundle.umd.js?ver=10.8

89.116.109.90

200 OK

18 kB

URL GET HTTP/2
notarizen.com/wp-content/plugins/booking/assets/libs/tippy.js/dist/tippy-bundle.umd.js?ver=10.8
IP
89.116.109.90:443
ASN
#0

Requested by
https://notarizen.com/
Certificate
IssuerLet's Encrypt
Subjectnotarizen.com
FingerprintD9:A9:D1:EE:07:A7:4C:83:7C:27:3B:5A:8E:9A:B8:73:90:8F:24:5C
ValiditySun, 27 Oct 2024 17:03:44 GMT - Sat, 25 Jan 2025 17:03:43 GMT

File type
JavaScript source, Unicode text, UTF-8 text, with very long lines (1426)
Size
18 kB (17682 bytes)
Hash
86c991129664064199dd7395ba532b33
50bf5617716fa08c40686c81230111d43c2144ab
e6c3cc515c8fbd47ddba8c5b3a98bfd505265919a674a110c31fd3b878744687

Detections

Analyzer	Verdict	Alert
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /wp-content/plugins/booking/assets/libs/tippy.js/dist/tippy-bundle.umd.js?ver=10.8 HTTP/1.1
Host: notarizen.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://notarizen.com/
Cookie: hcdn=AQEAOKVlxXYfqLwcCpmKG8Hhm6o7dqxpeLQKcQQV0ekdYUD0ZlRnAAAAAADOAABgWAvhqrTt-yJjnVXKXcP2AAAAXHRE5ASgIjOGK8F26bAyvg
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/2 200 OK
date: Sat, 07 Dec 2024 15:17:09 GMT
content-type: application/x-javascript
content-length: 17682
cache-control: public, max-age=604800
expires: Sat, 14 Dec 2024 15:17:09 GMT
last-modified: Wed, 27 Nov 2024 16:16:52 GMT
etag: "137eb-674745f4-54db73b65b80aa6d;br"
content-encoding: br
platform: hostinger
panel: hpanel
content-security-policy: upgrade-insecure-requests
x-turbo-charged-by: LiteSpeed
server: hcdn
alt-svc: h3=":443"; ma=86400
x-hcdn-request-id: 48a778822714128b41238ac55d979dbe-fast-edge4
x-hcdn-cache-status: MISS
x-hcdn-upstream-rt: 0.248
accept-ranges: bytes
X-Firefox-Spdy: h2

GET notarizen.com/wp-content/plugins/booking/assets/libs/material-design-icons/material-design-icons.css?ver=10.8

89.116.109.90

200 OK

18 kB

URL GET HTTP/2
notarizen.com/wp-content/plugins/booking/assets/libs/material-design-icons/material-design-icons.css?ver=10.8
IP
89.116.109.90:443
ASN
#0

Requested by
https://notarizen.com/
Certificate
IssuerLet's Encrypt
Subjectnotarizen.com
FingerprintD9:A9:D1:EE:07:A7:4C:83:7C:27:3B:5A:8E:9A:B8:73:90:8F:24:5C
ValiditySun, 27 Oct 2024 17:03:44 GMT - Sat, 25 Jan 2025 17:03:43 GMT

File type
ASCII text, with CRLF line terminators
Size
18 kB (17567 bytes)
Hash
464d5a85b071ee1a30491bf40ddfb5f9
6a12f284fcedc763ed0abbd050bc757b711ed451
2a0947c6445d0c0de1961a7c7afb3d05f494fae245c1fadecfc9d7e4548c3fc1

Detections

Analyzer	Verdict	Alert
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /wp-content/plugins/booking/assets/libs/material-design-icons/material-design-icons.css?ver=10.8 HTTP/1.1
Host: notarizen.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://notarizen.com/
Cookie: hcdn=AQEAOKVlxXYfqLwcCpmKG8Hhm6o7dqxpeLQKcQQV0ekdYUD0ZlRnAAAAAADOAABgWAvhqrTt-yJjnVXKXcP2AAAAXHRE5ASgIjOGK8F26bAyvg
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/2 200 OK
date: Sat, 07 Dec 2024 15:17:09 GMT
content-type: text/css
content-length: 17567
cache-control: public, max-age=2592000
expires: Mon, 06 Jan 2025 15:17:09 GMT
last-modified: Wed, 27 Nov 2024 16:16:52 GMT
etag: "1ccca-674745f4-9e43600a2f6312bb;br"
content-encoding: br
platform: hostinger
panel: hpanel
content-security-policy: upgrade-insecure-requests
x-turbo-charged-by: LiteSpeed
server: hcdn
alt-svc: h3=":443"; ma=86400
x-hcdn-request-id: 89d38393968473fc7a00253241159260-fast-edge4
x-hcdn-cache-status: MISS
x-hcdn-upstream-rt: 0.265
accept-ranges: bytes
X-Firefox-Spdy: h2

GET notarizen.com/wp-content/uploads/2024/10/portfolio_3222498.png

89.116.109.90

200 OK

8.0 kB

URL GET HTTP/2
notarizen.com/wp-content/uploads/2024/10/portfolio_3222498.png
IP
89.116.109.90:443
ASN
#0

Requested by
https://notarizen.com/
Certificate
IssuerLet's Encrypt
Subjectnotarizen.com
FingerprintD9:A9:D1:EE:07:A7:4C:83:7C:27:3B:5A:8E:9A:B8:73:90:8F:24:5C
ValiditySun, 27 Oct 2024 17:03:44 GMT - Sat, 25 Jan 2025 17:03:43 GMT

File type
RIFF (little-endian) data, Web/P image
Size
8.0 kB (8004 bytes)
Hash
7bf4ca566e5d1c62a45e316ddf7e50c9
e8aaf235204008b2977c63bf41a08793d4df5e28
a04e29f531678c1fb0eb5ce13bf6c02c35166d54083ae6742bdcf661464eeb42

Detections

Analyzer	Verdict	Alert
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /wp-content/uploads/2024/10/portfolio_3222498.png HTTP/1.1
Host: notarizen.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://notarizen.com/
Cookie: hcdn=AQEAOKVlxXYfqLwcCpmKG8Hhm6o7dqxpeLQKcQQV0ekdYUD0ZlRnAAAAAADOAABgWAvhqrTt-yJjnVXKXcP2AAAAXHRE5ASgIjOGK8F26bAyvg
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/2 200 OK
date: Sat, 07 Dec 2024 15:17:09 GMT
content-type: image/webp
content-length: 8004
cache-control: public, max-age=31536000
x-hcdn-image-optimizer: f:webp q:85 w:1600
server: hcdn
alt-svc: h3=":443"; ma=86400
x-hcdn-request-id: f8a71ed021c2d4d6b81c69b12e1e4222-fast-edge4
x-hcdn-cache-status: MISS
x-hcdn-upstream-rt: 0.339
accept-ranges: bytes
X-Firefox-Spdy: h2

GET notarizen.com/wp-content/uploads/2024/10/remote-assistance_17752843.png

89.116.109.90

200 OK

15 kB

URL GET HTTP/2
notarizen.com/wp-content/uploads/2024/10/remote-assistance_17752843.png
IP
89.116.109.90:443
ASN
#0

Requested by
https://notarizen.com/
Certificate
IssuerLet's Encrypt
Subjectnotarizen.com
FingerprintD9:A9:D1:EE:07:A7:4C:83:7C:27:3B:5A:8E:9A:B8:73:90:8F:24:5C
ValiditySun, 27 Oct 2024 17:03:44 GMT - Sat, 25 Jan 2025 17:03:43 GMT

File type
RIFF (little-endian) data, Web/P image
Size
15 kB (14872 bytes)
Hash
4ff2c79a2e00c0c9ba5cfd89e902aed8
817a9a6b5a3b3617ab18ece3bdf5d4db73d5a1fe
1d5325396c3c20c13a09d0a6195642d058a707da73fb03f5ccf0e3ad258c2eb7

Detections

Analyzer	Verdict	Alert
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /wp-content/uploads/2024/10/remote-assistance_17752843.png HTTP/1.1
Host: notarizen.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://notarizen.com/
Cookie: hcdn=AQEAOKVlxXYfqLwcCpmKG8Hhm6o7dqxpeLQKcQQV0ekdYUD0ZlRnAAAAAADOAABgWAvhqrTt-yJjnVXKXcP2AAAAXHRE5ASgIjOGK8F26bAyvg
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/2 200 OK
date: Sat, 07 Dec 2024 15:17:09 GMT
content-type: image/webp
content-length: 14872
cache-control: public, max-age=31536000
x-hcdn-image-optimizer: f:webp q:85 w:1600
server: hcdn
alt-svc: h3=":443"; ma=86400
x-hcdn-request-id: 251172bd3e2cbb0a4e4ff1a742192900-fast-edge4
x-hcdn-cache-status: MISS
x-hcdn-upstream-rt: 0.336
accept-ranges: bytes
X-Firefox-Spdy: h2

GET notarizen.com/wp-content/uploads/2024/10/globe_2330622.png

89.116.109.90

200 OK

14 kB

URL GET HTTP/2
notarizen.com/wp-content/uploads/2024/10/globe_2330622.png
IP
89.116.109.90:443
ASN
#0

Requested by
https://notarizen.com/
Certificate
IssuerLet's Encrypt
Subjectnotarizen.com
FingerprintD9:A9:D1:EE:07:A7:4C:83:7C:27:3B:5A:8E:9A:B8:73:90:8F:24:5C
ValiditySun, 27 Oct 2024 17:03:44 GMT - Sat, 25 Jan 2025 17:03:43 GMT

File type
RIFF (little-endian) data, Web/P image
Size
14 kB (14464 bytes)
Hash
d46f1fd3acafaa31b5d3492471421ae6
164e641e5a71f0f02c9aa92bd5b20b37ac92c25d
181c2e3d7d696c8cb280c1b4969531de5c480b9dab2e08b6bd006eef579be876

Detections

Analyzer	Verdict	Alert
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /wp-content/uploads/2024/10/globe_2330622.png HTTP/1.1
Host: notarizen.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://notarizen.com/
Cookie: hcdn=AQEAOKVlxXYfqLwcCpmKG8Hhm6o7dqxpeLQKcQQV0ekdYUD0ZlRnAAAAAADOAABgWAvhqrTt-yJjnVXKXcP2AAAAXHRE5ASgIjOGK8F26bAyvg
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/2 200 OK
date: Sat, 07 Dec 2024 15:17:09 GMT
content-type: image/webp
content-length: 14464
cache-control: public, max-age=31536000
x-hcdn-image-optimizer: f:webp q:85 w:1600
server: hcdn
alt-svc: h3=":443"; ma=86400
x-hcdn-request-id: 6acc9c21a962bc6c04c846bce7c401a1-fast-edge4
x-hcdn-cache-status: MISS
x-hcdn-upstream-rt: 0.333
accept-ranges: bytes
X-Firefox-Spdy: h2

GET notarizen.com/wp-content/uploads/2024/10/stamp_3381766-1.png

89.116.109.90

200 OK

8.7 kB

URL GET HTTP/2
notarizen.com/wp-content/uploads/2024/10/stamp_3381766-1.png
IP
89.116.109.90:443
ASN
#0

Requested by
https://notarizen.com/
Certificate
IssuerLet's Encrypt
Subjectnotarizen.com
FingerprintD9:A9:D1:EE:07:A7:4C:83:7C:27:3B:5A:8E:9A:B8:73:90:8F:24:5C
ValiditySun, 27 Oct 2024 17:03:44 GMT - Sat, 25 Jan 2025 17:03:43 GMT

File type
RIFF (little-endian) data, Web/P image
Size
8.7 kB (8652 bytes)
Hash
2ec5cbdc10ac1867c25ae2b0ba51fdd1
9880bb6852f48bdbdcb1812f52bc3884b819fd29
98b4998259f1eec3af08295f38b1f3d3e63a1d9f62aed13da1d87e60935fe4e5

Detections

Analyzer	Verdict	Alert
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /wp-content/uploads/2024/10/stamp_3381766-1.png HTTP/1.1
Host: notarizen.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://notarizen.com/
Cookie: hcdn=AQEAOKVlxXYfqLwcCpmKG8Hhm6o7dqxpeLQKcQQV0ekdYUD0ZlRnAAAAAADOAABgWAvhqrTt-yJjnVXKXcP2AAAAXHRE5ASgIjOGK8F26bAyvg
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/2 200 OK
date: Sat, 07 Dec 2024 15:17:09 GMT
content-type: image/webp
content-length: 8652
cache-control: public, max-age=31536000
x-hcdn-image-optimizer: f:webp q:85 w:1600
server: hcdn
alt-svc: h3=":443"; ma=86400
x-hcdn-request-id: a4f9cac397b7d2fa792677a593dc3ce3-fast-edge4
x-hcdn-cache-status: MISS
x-hcdn-upstream-rt: 0.353
accept-ranges: bytes
X-Firefox-Spdy: h2

GET notarizen.com/wp-content/uploads/2024/10/contract_1358533.png

89.116.109.90

200 OK

11 kB

URL GET HTTP/2
notarizen.com/wp-content/uploads/2024/10/contract_1358533.png
IP
89.116.109.90:443
ASN
#0

Requested by
https://notarizen.com/
Certificate
IssuerLet's Encrypt
Subjectnotarizen.com
FingerprintD9:A9:D1:EE:07:A7:4C:83:7C:27:3B:5A:8E:9A:B8:73:90:8F:24:5C
ValiditySun, 27 Oct 2024 17:03:44 GMT - Sat, 25 Jan 2025 17:03:43 GMT

File type
RIFF (little-endian) data, Web/P image
Size
11 kB (10806 bytes)
Hash
1d04b270714d0bc48ba7854b2ed078b7
fa384a8bf4acaaaa143ffa997af5744ab8cb2cba
dc5f5b13408990473eab82e85b06aab32b8e27c4203202b9e557d1acc1554cc5

Detections

Analyzer	Verdict	Alert
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /wp-content/uploads/2024/10/contract_1358533.png HTTP/1.1
Host: notarizen.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://notarizen.com/
Cookie: hcdn=AQEAOKVlxXYfqLwcCpmKG8Hhm6o7dqxpeLQKcQQV0ekdYUD0ZlRnAAAAAADOAABgWAvhqrTt-yJjnVXKXcP2AAAAXHRE5ASgIjOGK8F26bAyvg
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/2 200 OK
date: Sat, 07 Dec 2024 15:17:09 GMT
content-type: image/webp
content-length: 10806
cache-control: public, max-age=31536000
x-hcdn-image-optimizer: f:webp q:85 w:1600
server: hcdn
alt-svc: h3=":443"; ma=86400
x-hcdn-request-id: b0db8524868e630bedbb90b537447552-fast-edge4
x-hcdn-cache-status: MISS
x-hcdn-upstream-rt: 0.351
accept-ranges: bytes
X-Firefox-Spdy: h2

GET notarizen.com/wp-content/uploads/2024/10/signing_3130444.png

89.116.109.90

200 OK

12 kB

URL GET HTTP/2
notarizen.com/wp-content/uploads/2024/10/signing_3130444.png
IP
89.116.109.90:443
ASN
#0

Requested by
https://notarizen.com/
Certificate
IssuerLet's Encrypt
Subjectnotarizen.com
FingerprintD9:A9:D1:EE:07:A7:4C:83:7C:27:3B:5A:8E:9A:B8:73:90:8F:24:5C
ValiditySun, 27 Oct 2024 17:03:44 GMT - Sat, 25 Jan 2025 17:03:43 GMT

File type
RIFF (little-endian) data, Web/P image
Size
12 kB (11676 bytes)
Hash
b6e20af6769ecab72c2df0c52f151d97
a8612c2cf3eca649814fb8a7086a91ee621db4ff
2c28c9c2b7c530fccf20da6ef178c888c1fff00bc2eb0401de9f97be63736196

Detections

Analyzer	Verdict	Alert
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /wp-content/uploads/2024/10/signing_3130444.png HTTP/1.1
Host: notarizen.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://notarizen.com/
Cookie: hcdn=AQEAOKVlxXYfqLwcCpmKG8Hhm6o7dqxpeLQKcQQV0ekdYUD0ZlRnAAAAAADOAABgWAvhqrTt-yJjnVXKXcP2AAAAXHRE5ASgIjOGK8F26bAyvg
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/2 200 OK
date: Sat, 07 Dec 2024 15:17:09 GMT
content-type: image/webp
content-length: 11676
cache-control: public, max-age=31536000
x-hcdn-image-optimizer: f:webp q:85 w:1600
server: hcdn
alt-svc: h3=":443"; ma=86400
x-hcdn-request-id: 466fbf5d731390352af5b4250e4cb756-fast-edge4
x-hcdn-cache-status: MISS
x-hcdn-upstream-rt: 0.344
accept-ranges: bytes
X-Firefox-Spdy: h2

GET notarizen.com/wp-content/uploads/2024/10/destination_854996.png

89.116.109.90

200 OK

15 kB

URL GET HTTP/2
notarizen.com/wp-content/uploads/2024/10/destination_854996.png
IP
89.116.109.90:443
ASN
#0

Requested by
https://notarizen.com/
Certificate
IssuerLet's Encrypt
Subjectnotarizen.com
FingerprintD9:A9:D1:EE:07:A7:4C:83:7C:27:3B:5A:8E:9A:B8:73:90:8F:24:5C
ValiditySun, 27 Oct 2024 17:03:44 GMT - Sat, 25 Jan 2025 17:03:43 GMT

File type
RIFF (little-endian) data, Web/P image
Size
15 kB (15130 bytes)
Hash
3f44883fa29f4d2f89e080aada5a5158
6727961b195086290b00323c6a60fa93467e4e3c
7969d1f82b77813b933ec862c3731b8249be93bc9d72ef30c080fd3cf2043c9d

Detections

Analyzer	Verdict	Alert
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /wp-content/uploads/2024/10/destination_854996.png HTTP/1.1
Host: notarizen.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://notarizen.com/
Cookie: hcdn=AQEAOKVlxXYfqLwcCpmKG8Hhm6o7dqxpeLQKcQQV0ekdYUD0ZlRnAAAAAADOAABgWAvhqrTt-yJjnVXKXcP2AAAAXHRE5ASgIjOGK8F26bAyvg
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/2 200 OK
date: Sat, 07 Dec 2024 15:17:09 GMT
content-type: image/webp
content-length: 15130
cache-control: public, max-age=31536000
x-hcdn-image-optimizer: f:webp q:85 w:1600
server: hcdn
alt-svc: h3=":443"; ma=86400
x-hcdn-request-id: 6f52141f445372af943d09f18d208405-fast-edge4
x-hcdn-cache-status: MISS
x-hcdn-upstream-rt: 0.352
accept-ranges: bytes
X-Firefox-Spdy: h2

GET notarizen.com/wp-content/uploads/2024/10/fingerprint-scan_6692271.png

89.116.109.90

200 OK

24 kB

URL GET HTTP/2
notarizen.com/wp-content/uploads/2024/10/fingerprint-scan_6692271.png
IP
89.116.109.90:443
ASN
#0

Requested by
https://notarizen.com/
Certificate
IssuerLet's Encrypt
Subjectnotarizen.com
FingerprintD9:A9:D1:EE:07:A7:4C:83:7C:27:3B:5A:8E:9A:B8:73:90:8F:24:5C
ValiditySun, 27 Oct 2024 17:03:44 GMT - Sat, 25 Jan 2025 17:03:43 GMT

File type
RIFF (little-endian) data, Web/P image
Size
24 kB (24432 bytes)
Hash
c1c7e0712f99919992c0b0b3756aae38
1af76a4d7914762b266aa38b3d02629724404af2
398204091e9d5958fc6b1ae07821ebc074e4cfe0c72512557a81036773f505ad

Detections

Analyzer	Verdict	Alert
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /wp-content/uploads/2024/10/fingerprint-scan_6692271.png HTTP/1.1
Host: notarizen.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://notarizen.com/
Cookie: hcdn=AQEAOKVlxXYfqLwcCpmKG8Hhm6o7dqxpeLQKcQQV0ekdYUD0ZlRnAAAAAADOAABgWAvhqrTt-yJjnVXKXcP2AAAAXHRE5ASgIjOGK8F26bAyvg
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/2 200 OK
date: Sat, 07 Dec 2024 15:17:09 GMT
content-type: image/webp
content-length: 24432
cache-control: public, max-age=31536000
x-hcdn-image-optimizer: f:webp q:85 w:1600
server: hcdn
alt-svc: h3=":443"; ma=86400
x-hcdn-request-id: c3ea78a226193b7766d5938b5931b9b8-fast-edge4
x-hcdn-cache-status: MISS
x-hcdn-upstream-rt: 0.341
accept-ranges: bytes
X-Firefox-Spdy: h2

GET notarizen.com/wp-content/uploads/2024/10/delivery-box_5348585.png

89.116.109.90

200 OK

8.6 kB

URL GET HTTP/2
notarizen.com/wp-content/uploads/2024/10/delivery-box_5348585.png
IP
89.116.109.90:443
ASN
#0

Requested by
https://notarizen.com/
Certificate
IssuerLet's Encrypt
Subjectnotarizen.com
FingerprintD9:A9:D1:EE:07:A7:4C:83:7C:27:3B:5A:8E:9A:B8:73:90:8F:24:5C
ValiditySun, 27 Oct 2024 17:03:44 GMT - Sat, 25 Jan 2025 17:03:43 GMT

File type
RIFF (little-endian) data, Web/P image
Size
8.6 kB (8568 bytes)
Hash
ff4eecbb58a364038e3b7bd948adec00
bb37b25de9d558a76bcecb7b4f550658f265a3d6
9d6ddeb6bf59fc70b0a85826e2f501642163824ebc4dd851eae4923dd7c012b8

Detections

Analyzer	Verdict	Alert
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /wp-content/uploads/2024/10/delivery-box_5348585.png HTTP/1.1
Host: notarizen.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://notarizen.com/
Cookie: hcdn=AQEAOKVlxXYfqLwcCpmKG8Hhm6o7dqxpeLQKcQQV0ekdYUD0ZlRnAAAAAADOAABgWAvhqrTt-yJjnVXKXcP2AAAAXHRE5ASgIjOGK8F26bAyvg
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/2 200 OK
date: Sat, 07 Dec 2024 15:17:09 GMT
content-type: image/webp
content-length: 8568
cache-control: public, max-age=31536000
x-hcdn-image-optimizer: f:webp q:85 w:1600
server: hcdn
alt-svc: h3=":443"; ma=86400
x-hcdn-request-id: 0f8f531ac19f3ab01c89551654d3e11d-fast-edge4
x-hcdn-cache-status: MISS
x-hcdn-upstream-rt: 0.364
accept-ranges: bytes
X-Firefox-Spdy: h2

GET notarizen.com/wp-content/uploads/2024/10/stamp_12427402.png

89.116.109.90

200 OK

8.7 kB

URL GET HTTP/2
notarizen.com/wp-content/uploads/2024/10/stamp_12427402.png
IP
89.116.109.90:443
ASN
#0

Requested by
https://notarizen.com/
Certificate
IssuerLet's Encrypt
Subjectnotarizen.com
FingerprintD9:A9:D1:EE:07:A7:4C:83:7C:27:3B:5A:8E:9A:B8:73:90:8F:24:5C
ValiditySun, 27 Oct 2024 17:03:44 GMT - Sat, 25 Jan 2025 17:03:43 GMT

File type
RIFF (little-endian) data, Web/P image
Size
8.7 kB (8702 bytes)
Hash
8820cd8bb2aeeb58bd0574e8970d244d
c63d14dbfd7069afe66b38045d53b7e39f46b0b9
4d0f7616e3c5c0b3c6daf757bc8839deafdb3a11938df75a1eed94c91ff698bb

Detections

Analyzer	Verdict	Alert
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /wp-content/uploads/2024/10/stamp_12427402.png HTTP/1.1
Host: notarizen.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://notarizen.com/
Cookie: hcdn=AQEAOKVlxXYfqLwcCpmKG8Hhm6o7dqxpeLQKcQQV0ekdYUD0ZlRnAAAAAADOAABgWAvhqrTt-yJjnVXKXcP2AAAAXHRE5ASgIjOGK8F26bAyvg
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/2 200 OK
date: Sat, 07 Dec 2024 15:17:09 GMT
content-type: image/webp
content-length: 8702
cache-control: public, max-age=31536000
x-hcdn-image-optimizer: f:webp q:85 w:1600
server: hcdn
alt-svc: h3=":443"; ma=86400
x-hcdn-request-id: 0ae4db083b4a14644e6851642f20125f-fast-edge4
x-hcdn-cache-status: MISS
x-hcdn-upstream-rt: 0.368
accept-ranges: bytes
X-Firefox-Spdy: h2

GET notarizen.com/wp-content/plugins/booking/_dist/all/_out/wpbc_all.js?ver=10.8

89.116.109.90

200 OK

81 kB

URL GET HTTP/2
notarizen.com/wp-content/plugins/booking/_dist/all/_out/wpbc_all.js?ver=10.8
IP
89.116.109.90:443
ASN
#0

Requested by
https://notarizen.com/
Certificate
IssuerLet's Encrypt
Subjectnotarizen.com
FingerprintD9:A9:D1:EE:07:A7:4C:83:7C:27:3B:5A:8E:9A:B8:73:90:8F:24:5C
ValiditySun, 27 Oct 2024 17:03:44 GMT - Sat, 25 Jan 2025 17:03:43 GMT

File type
JavaScript source, Unicode text, UTF-8 text, with very long lines (411), with CRLF, LF line terminators
Size
81 kB (81247 bytes)
Hash
eee4dd084eeb02263954491ee2f46900
6d402e15cdcfcc03b0c3c02a6edff7b9d153d7e2
a9a493d521ec6197df8312d170df043bb14a078a08cdb24c8abf518ebeddb942

Detections

Analyzer	Verdict	Alert
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /wp-content/plugins/booking/_dist/all/_out/wpbc_all.js?ver=10.8 HTTP/1.1
Host: notarizen.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://notarizen.com/
Cookie: hcdn=AQEAOKVlxXYfqLwcCpmKG8Hhm6o7dqxpeLQKcQQV0ekdYUD0ZlRnAAAAAADOAABgWAvhqrTt-yJjnVXKXcP2AAAAXHRE5ASgIjOGK8F26bAyvg
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/2 200 OK
date: Sat, 07 Dec 2024 15:17:09 GMT
content-type: application/x-javascript
content-length: 81247
cache-control: public, max-age=604800
expires: Sat, 14 Dec 2024 15:17:09 GMT
last-modified: Wed, 27 Nov 2024 16:16:52 GMT
etag: "6d8d7-674745f4-f6addbe63f5db0ef;br"
content-encoding: br
platform: hostinger
panel: hpanel
content-security-policy: upgrade-insecure-requests
x-turbo-charged-by: LiteSpeed
server: hcdn
alt-svc: h3=":443"; ma=86400
x-hcdn-request-id: f702797858a33b1caaa9deb570ddde8c-fast-edge4
x-hcdn-cache-status: MISS
x-hcdn-upstream-rt: 0.257
accept-ranges: bytes
X-Firefox-Spdy: h2

GET notarizen.com/wp-content/uploads/2024/10/pexels-karolina-grabowska-7876093-1536x1024.jpg

89.116.109.90

200 OK

56 kB

URL GET HTTP/2
notarizen.com/wp-content/uploads/2024/10/pexels-karolina-grabowska-7876093-1536x1024.jpg
IP
89.116.109.90:443
ASN
#0

Requested by
https://notarizen.com/
Certificate
IssuerLet's Encrypt
Subjectnotarizen.com
FingerprintD9:A9:D1:EE:07:A7:4C:83:7C:27:3B:5A:8E:9A:B8:73:90:8F:24:5C
ValiditySun, 27 Oct 2024 17:03:44 GMT - Sat, 25 Jan 2025 17:03:43 GMT

File type
RIFF (little-endian) data, Web/P image
Size
56 kB (55736 bytes)
Hash
e0b939c21627d0462b92d1465d64f45e
93e2d89f13065a2c8dd0610f1ba9a232d7a79e59
c828267bcfcb6242750a87bf536bc3b34d509a56ef7b12a3f7ee6b9e54a4cc0d

Detections

Analyzer	Verdict	Alert
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /wp-content/uploads/2024/10/pexels-karolina-grabowska-7876093-1536x1024.jpg HTTP/1.1
Host: notarizen.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://notarizen.com/
Cookie: hcdn=AQEAOKVlxXYfqLwcCpmKG8Hhm6o7dqxpeLQKcQQV0ekdYUD0ZlRnAAAAAADOAABgWAvhqrTt-yJjnVXKXcP2AAAAXHRE5ASgIjOGK8F26bAyvg
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/2 200 OK
date: Sat, 07 Dec 2024 15:17:09 GMT
content-type: image/webp
content-length: 55736
cache-control: public, max-age=31536000
x-hcdn-image-optimizer: f:webp q:85 w:1600
server: hcdn
alt-svc: h3=":443"; ma=86400
x-hcdn-request-id: edb6225be880c4986f936d42d3f66cdd-fast-edge4
x-hcdn-cache-status: MISS
x-hcdn-upstream-rt: 0.533
accept-ranges: bytes
X-Firefox-Spdy: h2

GET notarizen.com/wp-content/plugins/booking/css/skins/24_9__light.css

89.116.109.90

200 OK

4.8 kB

URL GET HTTP/2
notarizen.com/wp-content/plugins/booking/css/skins/24_9__light.css
IP
89.116.109.90:443
ASN
#0

Requested by
https://notarizen.com/
Certificate
IssuerLet's Encrypt
Subjectnotarizen.com
FingerprintD9:A9:D1:EE:07:A7:4C:83:7C:27:3B:5A:8E:9A:B8:73:90:8F:24:5C
ValiditySun, 27 Oct 2024 17:03:44 GMT - Sat, 25 Jan 2025 17:03:43 GMT

File type
ASCII text, with CRLF line terminators
Size
4.8 kB (4755 bytes)
Hash
41d06fba98de8c95a9c8840eaa64b69c
8079ceee1de81c0e02135a33170b1971fc157d25
bb120e62acd867c946ce66b1b812fbe9a40a0c10d881b10b47c0e3bf56df7359

Detections

Analyzer	Verdict	Alert
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /wp-content/plugins/booking/css/skins/24_9__light.css HTTP/1.1
Host: notarizen.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://notarizen.com/wp-content/plugins/booking/css/skins/24_9__light_square_1.css?ver=10.8
Cookie: hcdn=AQEAOKVlxXYfqLwcCpmKG8Hhm6o7dqxpeLQKcQQV0ekdYUD0ZlRnAAAAAADOAABgWAvhqrTt-yJjnVXKXcP2AAAAXHRE5ASgIjOGK8F26bAyvg
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/2 200 OK
date: Sat, 07 Dec 2024 15:17:09 GMT
content-type: text/css
content-length: 4755
cache-control: public, max-age=2592000
expires: Mon, 06 Jan 2025 15:17:09 GMT
last-modified: Wed, 27 Nov 2024 16:16:52 GMT
etag: "7926-674745f4-c035bbdde71e0981;br"
content-encoding: br
platform: hostinger
panel: hpanel
content-security-policy: upgrade-insecure-requests
x-turbo-charged-by: LiteSpeed
server: hcdn
alt-svc: h3=":443"; ma=86400
x-hcdn-request-id: 0bd1cc1dc3ef218cd9a60c30bd8f2803-fast-edge4
x-hcdn-cache-status: MISS
x-hcdn-upstream-rt: 0.249
accept-ranges: bytes
X-Firefox-Spdy: h2

GET notarizen.com/wp-content/uploads/2024/10/Stamp-1536x1025.jpg

89.116.109.90

200 OK

59 kB

URL GET HTTP/2
notarizen.com/wp-content/uploads/2024/10/Stamp-1536x1025.jpg
IP
89.116.109.90:443
ASN
#0

Requested by
https://notarizen.com/
Certificate
IssuerLet's Encrypt
Subjectnotarizen.com
FingerprintD9:A9:D1:EE:07:A7:4C:83:7C:27:3B:5A:8E:9A:B8:73:90:8F:24:5C
ValiditySun, 27 Oct 2024 17:03:44 GMT - Sat, 25 Jan 2025 17:03:43 GMT

File type
RIFF (little-endian) data, Web/P image
Size
59 kB (58922 bytes)
Hash
b3b6399121c6313b66ec7d670d9e75c5
a1bf754db386e88c07ad563bf2509708c57f5fdc
ac03d7c733d3d69d2e8b103a55e0a63d93d2940061bc36043edb7b1297eefba7

Detections

Analyzer	Verdict	Alert
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /wp-content/uploads/2024/10/Stamp-1536x1025.jpg HTTP/1.1
Host: notarizen.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://notarizen.com/
Cookie: hcdn=AQEAOKVlxXYfqLwcCpmKG8Hhm6o7dqxpeLQKcQQV0ekdYUD0ZlRnAAAAAADOAABgWAvhqrTt-yJjnVXKXcP2AAAAXHRE5ASgIjOGK8F26bAyvg
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/2 200 OK
date: Sat, 07 Dec 2024 15:17:09 GMT
content-type: image/webp
content-length: 58922
cache-control: public, max-age=31536000
x-hcdn-image-optimizer: f:webp q:85 w:1600
server: hcdn
alt-svc: h3=":443"; ma=86400
x-hcdn-request-id: 48f7d9e6df9529297dfb499ed8e755f7-fast-edge4
x-hcdn-cache-status: MISS
x-hcdn-upstream-rt: 0.568
accept-ranges: bytes
X-Firefox-Spdy: h2

GET notarizen.com/wp-content/uploads/2024/10/Fingerprint-1536x1024.jpg

89.116.109.90

200 OK

70 kB

URL GET HTTP/2
notarizen.com/wp-content/uploads/2024/10/Fingerprint-1536x1024.jpg
IP
89.116.109.90:443
ASN
#0

Requested by
https://notarizen.com/
Certificate
IssuerLet's Encrypt
Subjectnotarizen.com
FingerprintD9:A9:D1:EE:07:A7:4C:83:7C:27:3B:5A:8E:9A:B8:73:90:8F:24:5C
ValiditySun, 27 Oct 2024 17:03:44 GMT - Sat, 25 Jan 2025 17:03:43 GMT

File type
RIFF (little-endian) data, Web/P image
Size
70 kB (69842 bytes)
Hash
78d0c403f324a95324152204fc9f27d0
4750a45b0021c819455c9810a029df48f841e4e4
08ff1688c783aa37f985a5e65fee7736d2caa5b72b54d6c6f9649d02debf2b74

Detections

Analyzer	Verdict	Alert
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /wp-content/uploads/2024/10/Fingerprint-1536x1024.jpg HTTP/1.1
Host: notarizen.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://notarizen.com/
Cookie: hcdn=AQEAOKVlxXYfqLwcCpmKG8Hhm6o7dqxpeLQKcQQV0ekdYUD0ZlRnAAAAAADOAABgWAvhqrTt-yJjnVXKXcP2AAAAXHRE5ASgIjOGK8F26bAyvg
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/2 200 OK
date: Sat, 07 Dec 2024 15:17:09 GMT
content-type: image/webp
content-length: 69842
cache-control: public, max-age=31536000
x-hcdn-image-optimizer: f:webp q:85 w:1600
server: hcdn
alt-svc: h3=":443"; ma=86400
x-hcdn-request-id: 9bb490a413ca6636b4ed5fa8fad75505-fast-edge4
x-hcdn-cache-status: MISS
x-hcdn-upstream-rt: 0.590
accept-ranges: bytes
X-Firefox-Spdy: h2

GET notarizen.com/wp-content/uploads/2024/10/pexels-pavel-danilyuk-8111884-1536x1025.jpg

89.116.109.90

200 OK

95 kB

URL GET HTTP/2
notarizen.com/wp-content/uploads/2024/10/pexels-pavel-danilyuk-8111884-1536x1025.jpg
IP
89.116.109.90:443
ASN
#0

Requested by
https://notarizen.com/
Certificate
IssuerLet's Encrypt
Subjectnotarizen.com
FingerprintD9:A9:D1:EE:07:A7:4C:83:7C:27:3B:5A:8E:9A:B8:73:90:8F:24:5C
ValiditySun, 27 Oct 2024 17:03:44 GMT - Sat, 25 Jan 2025 17:03:43 GMT

File type
RIFF (little-endian) data, Web/P image
Size
95 kB (95168 bytes)
Hash
ce2a8be614d920e74ca8bbcc4689374d
3ea037f40444b74c40c5bf64fdf1e945e08deb98
91c70c61280990c1a5096a6939cf870120a716f9727bd06a72bc3011841a98b3

Detections

Analyzer	Verdict	Alert
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /wp-content/uploads/2024/10/pexels-pavel-danilyuk-8111884-1536x1025.jpg HTTP/1.1
Host: notarizen.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://notarizen.com/
Cookie: hcdn=AQEAOKVlxXYfqLwcCpmKG8Hhm6o7dqxpeLQKcQQV0ekdYUD0ZlRnAAAAAADOAABgWAvhqrTt-yJjnVXKXcP2AAAAXHRE5ASgIjOGK8F26bAyvg
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/2 200 OK
date: Sat, 07 Dec 2024 15:17:09 GMT
content-type: image/webp
content-length: 95168
cache-control: public, max-age=31536000
x-hcdn-image-optimizer: f:webp q:85 w:1600
server: hcdn
alt-svc: h3=":443"; ma=86400
x-hcdn-request-id: 14828e84f9999a5aa9b36f40c48c3bbe-fast-edge4
x-hcdn-cache-status: MISS
x-hcdn-upstream-rt: 0.602
accept-ranges: bytes
X-Firefox-Spdy: h2

GET notarizen.com/wp-content/uploads/2024/10/pexels-mikhail-nilov-8730327-1536x1025.jpg

89.116.109.90

200 OK

82 kB

URL GET HTTP/2
notarizen.com/wp-content/uploads/2024/10/pexels-mikhail-nilov-8730327-1536x1025.jpg
IP
89.116.109.90:443
ASN
#0

Requested by
https://notarizen.com/
Certificate
IssuerLet's Encrypt
Subjectnotarizen.com
FingerprintD9:A9:D1:EE:07:A7:4C:83:7C:27:3B:5A:8E:9A:B8:73:90:8F:24:5C
ValiditySun, 27 Oct 2024 17:03:44 GMT - Sat, 25 Jan 2025 17:03:43 GMT

File type
RIFF (little-endian) data, Web/P image
Size
82 kB (82440 bytes)
Hash
0acd40f548d4b1ce5153de8d57a63241
9fef9234bc61f5db78f00b5bcbfeab3a39475fb3
55498964c9342c3459ba81c13081bee43ad1987cf513a54489bfa23aef5afaf4

Detections

Analyzer	Verdict	Alert
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /wp-content/uploads/2024/10/pexels-mikhail-nilov-8730327-1536x1025.jpg HTTP/1.1
Host: notarizen.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://notarizen.com/
Cookie: hcdn=AQEAOKVlxXYfqLwcCpmKG8Hhm6o7dqxpeLQKcQQV0ekdYUD0ZlRnAAAAAADOAABgWAvhqrTt-yJjnVXKXcP2AAAAXHRE5ASgIjOGK8F26bAyvg
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/2 200 OK
date: Sat, 07 Dec 2024 15:17:09 GMT
content-type: image/webp
content-length: 82440
cache-control: public, max-age=31536000
x-hcdn-image-optimizer: f:webp q:85 w:1600
server: hcdn
alt-svc: h3=":443"; ma=86400
x-hcdn-request-id: 9528cb2d2e3679b9c4ffea6a679de7c2-fast-edge4
x-hcdn-cache-status: MISS
x-hcdn-upstream-rt: 0.609
accept-ranges: bytes
X-Firefox-Spdy: h2

GET notarizen.com/wp-content/themes/gutenify-business-hub/assets/fonts/poppins/Poppins-Regular.woff2

89.116.109.90

200 OK

51 kB

URL GET HTTP/2
notarizen.com/wp-content/themes/gutenify-business-hub/assets/fonts/poppins/Poppins-Regular.woff2
IP
89.116.109.90:443
ASN
#0

Requested by
https://notarizen.com/
Certificate
IssuerLet's Encrypt
Subjectnotarizen.com
FingerprintD9:A9:D1:EE:07:A7:4C:83:7C:27:3B:5A:8E:9A:B8:73:90:8F:24:5C
ValiditySun, 27 Oct 2024 17:03:44 GMT - Sat, 25 Jan 2025 17:03:43 GMT

File type
Web Open Font Format (Version 2), TrueType, length 51148, version 1.0
Size
51 kB (51148 bytes)
Hash
4ca79fd9a4b1c35535ffed3118e5bdbe
722b6d3be6b1bebf45e7a98b09a3060c33361bc7
a2c1dd01db85a00fb60520dce8e9fbce9e80ef72b602a6750689fe606fb626e8

Detections

Analyzer	Verdict	Alert
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /wp-content/themes/gutenify-business-hub/assets/fonts/poppins/Poppins-Regular.woff2 HTTP/1.1
Host: notarizen.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
DNT: 1
Connection: keep-alive
Referer: https://notarizen.com/
Cookie: hcdn=AQEAOKVlxXYfqLwcCpmKG8Hhm6o7dqxpeLQKcQQV0ekdYUD0ZlRnAAAAAADOAABgWAvhqrTt-yJjnVXKXcP2AAAAXHRE5ASgIjOGK8F26bAyvg
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/2 200 OK
date: Sat, 07 Dec 2024 15:17:10 GMT
content-type: font/woff2
content-length: 51148
cache-control: public, max-age=604800
expires: Sat, 14 Dec 2024 15:17:10 GMT
last-modified: Sun, 27 Oct 2024 18:49:32 GMT
etag: "c7cc-671e8b3c-af409a09b11c8f7;;;"
platform: hostinger
panel: hpanel
content-security-policy: upgrade-insecure-requests
x-turbo-charged-by: LiteSpeed
server: hcdn
alt-svc: h3=":443"; ma=86400
x-hcdn-request-id: 51ecda2583db387877013e4f0290fc65-fast-edge4
x-hcdn-cache-status: MISS
x-hcdn-upstream-rt: 0.228
accept-ranges: bytes
X-Firefox-Spdy: h2

GET notarizen.com/wp-includes/js/wp-emoji-release.min.js?ver=6.6.2

89.116.109.90

200 OK

4.6 kB

URL GET HTTP/2
notarizen.com/wp-includes/js/wp-emoji-release.min.js?ver=6.6.2
IP
89.116.109.90:443
ASN
#0

Requested by
https://notarizen.com/
Certificate
IssuerLet's Encrypt
Subjectnotarizen.com
FingerprintD9:A9:D1:EE:07:A7:4C:83:7C:27:3B:5A:8E:9A:B8:73:90:8F:24:5C
ValiditySun, 27 Oct 2024 17:03:44 GMT - Sat, 25 Jan 2025 17:03:43 GMT

File type
JavaScript source, ASCII text, with very long lines (15752)
Size
4.6 kB (4619 bytes)
Hash
b976b651932bfd25b9ddb5b7693d88a7
7fcb7cb5c11227f9213b1e08a07d0212209e1432
4e6ce5444c7f396cef0eb1fa3611034151e485dd06fbe5573a5583e1eebc98c3

Detections

Analyzer	Verdict	Alert
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /wp-includes/js/wp-emoji-release.min.js?ver=6.6.2 HTTP/1.1
Host: notarizen.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://notarizen.com/
Cookie: hcdn=AQEAOKVlxXYfqLwcCpmKG8Hhm6o7dqxpeLQKcQQV0ekdYUD0ZlRnAAAAAADOAABgWAvhqrTt-yJjnVXKXcP2AAAAXHRE5ASgIjOGK8F26bAyvg
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/2 200 OK
date: Sat, 07 Dec 2024 15:17:10 GMT
content-type: application/x-javascript
content-length: 4619
cache-control: public, max-age=604800
expires: Sat, 14 Dec 2024 15:17:10 GMT
last-modified: Sun, 27 Oct 2024 18:00:58 GMT
etag: "4926-671e7fda-81e6ce8011e664d9;br"
content-encoding: br
platform: hostinger
panel: hpanel
content-security-policy: upgrade-insecure-requests
x-turbo-charged-by: LiteSpeed
server: hcdn
alt-svc: h3=":443"; ma=86400
x-hcdn-request-id: a97dc10875332b6435000adf59c28b3b-fast-edge4
x-hcdn-cache-status: MISS
x-hcdn-upstream-rt: 0.229
accept-ranges: bytes
X-Firefox-Spdy: h2

GET notarizen.com/wp-content/themes/gutenify-starter/css/font-awesome/webfonts/fa-solid-900.woff2

89.116.109.90

200 OK

78 kB

URL GET HTTP/2
notarizen.com/wp-content/themes/gutenify-starter/css/font-awesome/webfonts/fa-solid-900.woff2
IP
89.116.109.90:443
ASN
#0

Requested by
https://notarizen.com/
Certificate
IssuerLet's Encrypt
Subjectnotarizen.com
FingerprintD9:A9:D1:EE:07:A7:4C:83:7C:27:3B:5A:8E:9A:B8:73:90:8F:24:5C
ValiditySun, 27 Oct 2024 17:03:44 GMT - Sat, 25 Jan 2025 17:03:43 GMT

File type
Web Open Font Format (Version 2), TrueType, length 78196, version 331.-31261
Size
78 kB (78196 bytes)
Hash
e8a427e15cc502bef99cfd722b37ea98
a9922842a120a7f1eaced667480c5e185a106d69
d0b4256abed72481585662971262eabee345c19f837af00d7ce24239d3b40eef

Detections

Analyzer	Verdict	Alert
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /wp-content/themes/gutenify-starter/css/font-awesome/webfonts/fa-solid-900.woff2 HTTP/1.1
Host: notarizen.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
DNT: 1
Connection: keep-alive
Referer: https://notarizen.com/wp-content/themes/gutenify-starter/css/font-awesome/css/all.min.css?ver=5.15.3
Cookie: hcdn=AQEAOKVlxXYfqLwcCpmKG8Hhm6o7dqxpeLQKcQQV0ekdYUD0ZlRnAAAAAADOAABgWAvhqrTt-yJjnVXKXcP2AAAAXHRE5ASgIjOGK8F26bAyvg
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/2 200 OK
date: Sat, 07 Dec 2024 15:17:10 GMT
content-type: font/woff2
content-length: 78196
cache-control: public, max-age=604800
expires: Sat, 14 Dec 2024 15:17:10 GMT
last-modified: Sun, 27 Oct 2024 18:49:33 GMT
etag: "13174-671e8b3d-23a7107df807fcdf;;;"
platform: hostinger
panel: hpanel
content-security-policy: upgrade-insecure-requests
x-turbo-charged-by: LiteSpeed
server: hcdn
alt-svc: h3=":443"; ma=86400
x-hcdn-request-id: 8d926173cd0235764050a5e104a5b0c2-fast-edge4
x-hcdn-cache-status: MISS
x-hcdn-upstream-rt: 0.227
accept-ranges: bytes
X-Firefox-Spdy: h2

GET notarizen.com/wp-content/themes/gutenify-business-hub/assets/fonts/poppins/Poppins-SemiBold.woff2

89.116.109.90

200 OK

51 kB

URL GET HTTP/2
notarizen.com/wp-content/themes/gutenify-business-hub/assets/fonts/poppins/Poppins-SemiBold.woff2
IP
89.116.109.90:443
ASN
#0

Requested by
https://notarizen.com/
Certificate
IssuerLet's Encrypt
Subjectnotarizen.com
FingerprintD9:A9:D1:EE:07:A7:4C:83:7C:27:3B:5A:8E:9A:B8:73:90:8F:24:5C
ValiditySun, 27 Oct 2024 17:03:44 GMT - Sat, 25 Jan 2025 17:03:43 GMT

File type
Web Open Font Format (Version 2), TrueType, length 51092, version 1.0
Size
51 kB (51092 bytes)
Hash
a36b89cf7f8bc02d94deabfc59fb9897
504d76fef5fbdc410ef0a8e422d292365ce02e17
0bcf29d5a91c47ba2452ef5dd89570db049ce7803ec79b3621978e49f73bc02b

Detections

Analyzer	Verdict	Alert
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /wp-content/themes/gutenify-business-hub/assets/fonts/poppins/Poppins-SemiBold.woff2 HTTP/1.1
Host: notarizen.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
DNT: 1
Connection: keep-alive
Referer: https://notarizen.com/
Cookie: hcdn=AQEAOKVlxXYfqLwcCpmKG8Hhm6o7dqxpeLQKcQQV0ekdYUD0ZlRnAAAAAADOAABgWAvhqrTt-yJjnVXKXcP2AAAAXHRE5ASgIjOGK8F26bAyvg
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/2 200 OK
date: Sat, 07 Dec 2024 15:17:10 GMT
content-type: font/woff2
content-length: 51092
cache-control: public, max-age=604800
expires: Sat, 14 Dec 2024 15:17:10 GMT
last-modified: Sun, 27 Oct 2024 18:49:32 GMT
etag: "c794-671e8b3c-da91765e822df01e;;;"
platform: hostinger
panel: hpanel
content-security-policy: upgrade-insecure-requests
x-turbo-charged-by: LiteSpeed
server: hcdn
alt-svc: h3=":443"; ma=86400
x-hcdn-request-id: ee6b4a53052f66f17b8bb61145d0ccef-fast-edge4
x-hcdn-cache-status: MISS
x-hcdn-upstream-rt: 0.240
accept-ranges: bytes
X-Firefox-Spdy: h2

GET notarizen.com/wp-content/themes/gutenify-business-hub/assets/fonts/poppins/Poppins-Medium.woff2

89.116.109.90

200 OK

50 kB

URL GET HTTP/2
notarizen.com/wp-content/themes/gutenify-business-hub/assets/fonts/poppins/Poppins-Medium.woff2
IP
89.116.109.90:443
ASN
#0

Requested by
https://notarizen.com/
Certificate
IssuerLet's Encrypt
Subjectnotarizen.com
FingerprintD9:A9:D1:EE:07:A7:4C:83:7C:27:3B:5A:8E:9A:B8:73:90:8F:24:5C
ValiditySun, 27 Oct 2024 17:03:44 GMT - Sat, 25 Jan 2025 17:03:43 GMT

File type
Web Open Font Format (Version 2), TrueType, length 50488, version 1.0
Size
50 kB (50488 bytes)
Hash
3b48234d19a2cff9b94f4a66385f479b
b625d2d3c97798f8ab5f6276533a7655a32b7423
54cedf5dd7570144d85d5f94e823e02147777e9063d548723122099546d149bd

Detections

Analyzer	Verdict	Alert
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /wp-content/themes/gutenify-business-hub/assets/fonts/poppins/Poppins-Medium.woff2 HTTP/1.1
Host: notarizen.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
DNT: 1
Connection: keep-alive
Referer: https://notarizen.com/
Cookie: hcdn=AQEAOKVlxXYfqLwcCpmKG8Hhm6o7dqxpeLQKcQQV0ekdYUD0ZlRnAAAAAADOAABgWAvhqrTt-yJjnVXKXcP2AAAAXHRE5ASgIjOGK8F26bAyvg
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/2 200 OK
date: Sat, 07 Dec 2024 15:17:10 GMT
content-type: font/woff2
content-length: 50488
cache-control: public, max-age=604800
expires: Sat, 14 Dec 2024 15:17:10 GMT
last-modified: Sun, 27 Oct 2024 18:49:32 GMT
etag: "c538-671e8b3c-419289946bb595b9;;;"
platform: hostinger
panel: hpanel
content-security-policy: upgrade-insecure-requests
x-turbo-charged-by: LiteSpeed
server: hcdn
alt-svc: h3=":443"; ma=86400
x-hcdn-request-id: abbe4e5323d0caf9dc70346c9dc7ba74-fast-edge4
x-hcdn-cache-status: MISS
x-hcdn-upstream-rt: 0.240
accept-ranges: bytes
X-Firefox-Spdy: h2

GET notarizen.com/wp-content/uploads/2024/10/cropped-Blucollare-LLC-circle-logo-modified-32x32.png

89.116.109.90

200 OK

1.1 kB

URL GET HTTP/2
notarizen.com/wp-content/uploads/2024/10/cropped-Blucollare-LLC-circle-logo-modified-32x32.png
IP
89.116.109.90:443
ASN
#0

Requested by
https://notarizen.com/
Certificate
IssuerLet's Encrypt
Subjectnotarizen.com
FingerprintD9:A9:D1:EE:07:A7:4C:83:7C:27:3B:5A:8E:9A:B8:73:90:8F:24:5C
ValiditySun, 27 Oct 2024 17:03:44 GMT - Sat, 25 Jan 2025 17:03:43 GMT

File type
RIFF (little-endian) data, Web/P image
Size
1.1 kB (1140 bytes)
Hash
c338683f8f1f4cf07fcd9b85d7ee05e4
d7270b248f25baee3b90186dbbcce965607ea874
950486072524a66138aab1291c8ec8144cf1c491cd18ea5e51ac57acabf53c22

Detections

Analyzer	Verdict	Alert
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /wp-content/uploads/2024/10/cropped-Blucollare-LLC-circle-logo-modified-32x32.png HTTP/1.1
Host: notarizen.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://notarizen.com/
Cookie: hcdn=AQEAOKVlxXYfqLwcCpmKG8Hhm6o7dqxpeLQKcQQV0ekdYUD0ZlRnAAAAAADOAABgWAvhqrTt-yJjnVXKXcP2AAAAXHRE5ASgIjOGK8F26bAyvg
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/2 200 OK
date: Sat, 07 Dec 2024 15:17:10 GMT
content-type: image/webp
content-length: 1140
cache-control: public, max-age=31536000
x-hcdn-image-optimizer: f:webp q:85 w:1600
server: hcdn
alt-svc: h3=":443"; ma=86400
x-hcdn-request-id: a78252eea1d89c170e3d9b4b16b9d323-fast-edge4
x-hcdn-cache-status: MISS
x-hcdn-upstream-rt: 0.244
accept-ranges: bytes
X-Firefox-Spdy: h2

GET notarizen.com/wp-content/uploads/2024/10/cropped-Blucollare-LLC-circle-logo-modified-192x192.png

89.116.109.90

200 OK

9.5 kB

URL GET HTTP/2
notarizen.com/wp-content/uploads/2024/10/cropped-Blucollare-LLC-circle-logo-modified-192x192.png
IP
89.116.109.90:443
ASN
#0

Requested by
https://notarizen.com/
Certificate
IssuerLet's Encrypt
Subjectnotarizen.com
FingerprintD9:A9:D1:EE:07:A7:4C:83:7C:27:3B:5A:8E:9A:B8:73:90:8F:24:5C
ValiditySun, 27 Oct 2024 17:03:44 GMT - Sat, 25 Jan 2025 17:03:43 GMT

File type
RIFF (little-endian) data, Web/P image
Size
9.5 kB (9512 bytes)
Hash
00f34eb0fd5aff0716657f0b4eaf7eb1
72632aea9bf576c6ab35504f27baa91ae71d60bd
6039298f311ec6718279dfd068e81559788f26126ebdd37a5c9aa182c86c7450

Detections

Analyzer	Verdict	Alert
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /wp-content/uploads/2024/10/cropped-Blucollare-LLC-circle-logo-modified-192x192.png HTTP/1.1
Host: notarizen.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://notarizen.com/
Cookie: hcdn=AQEAOKVlxXYfqLwcCpmKG8Hhm6o7dqxpeLQKcQQV0ekdYUD0ZlRnAAAAAADOAABgWAvhqrTt-yJjnVXKXcP2AAAAXHRE5ASgIjOGK8F26bAyvg
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/2 200 OK
date: Sat, 07 Dec 2024 15:17:10 GMT
content-type: image/webp
content-length: 9512
cache-control: public, max-age=31536000
x-hcdn-image-optimizer: f:webp q:85 w:1600
server: hcdn
alt-svc: h3=":443"; ma=86400
x-hcdn-request-id: 30f00d576f06fc7d8df4979b40367385-fast-edge4
x-hcdn-cache-status: MISS
x-hcdn-upstream-rt: 0.407
accept-ranges: bytes
X-Firefox-Spdy: h2

Report Overview

Domain Summary

Related reports

Network Intrusion Detection Systems

Suricata /w Emerging Threats Pro

Threat Detection Systems

Public InfoSec YARA rules

OpenPhish

PhishTank

Quad9 DNS

ThreatFox

JavaScript (20)

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML